Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
5.10.8
-
1
-
Severity 3 - Minor
-
0
-
Description
From Confluence Support:
https://support.atlassian.com/browse/CSP-188674
A badly formatted REST request causes a stack-trace to be returned. Tested on 5.10.8
Example:
POST /rest/webResources/1.0/resources Content-Type= application/json {"c":[],"r":["5","xc":["_super","main","atl.general","login"],"xr":"confluence.web.resources:login"]}
Result:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><status><status-code>500</status-code><message>Unexpected character (':' (code 58)): was expecting comma to separate ARRAY entries at [Source: org.apache.catalina.connector.CoyoteInputStream@45aa7a14; line: 1, column: 23]</message><stack-trace>org.codehaus.jackson.JsonParseException: Unexpected character (':' (code 58)): was expecting comma to separate ARRAY entries at [Source: org.apache.catalina.connector.CoyoteInputStream@45aa7a14; line: 1, column: 23] at org.codehaus.jackson.JsonParser._constructError(JsonParser.java:1433) at org.codehaus.jackson.impl.JsonParserMinimalBase._reportError(JsonParserMinimalBase.java:521) at org.codehaus.jackson.impl.JsonParserMinimalBase._reportUnexpectedChar(JsonParserMinimalBase.java:442) at org.codehaus.jackson.impl.Utf8StreamParser.nextToken(Utf8StreamParser.java:482) at org.codehaus.jackson.map.deser.std.StringCollectionDeserializer.deserialize(StringCollectionDeserializer.java:164) at org.codehaus.jackson.map.deser.std.StringCollectionDeserializer.deserialize(StringCollectionDeserializer.java:146) at org.codehaus.jackson.map.deser.std.StringCollectionDeserializer.deserialize(StringCollectionDeserializer.java:18) at org.codehaus.jackson.map.deser.SettableBeanProperty.deserialize(SettableBeanProperty.java:299) at org.codehaus.jackson.map.deser.SettableBeanProperty$FieldProperty.deserializeAndSet(SettableBeanProperty.java:579) ...