-
Bug
-
Resolution: Fixed
-
Highest
-
8.5.4, 7.19.17
-
26
-
Severity 2 - Major
-
213
-
Issue Summary
This is reproducible on Data Center: (yes)
If the page contains one of the following characters sets in the content the saving process gets a HTTP 400 message.
../ ..\ …/ …\
Steps to Reproduce
- Create a fresh instance with Confluence 7.19.17
- Create test space
- Create a test page
- Insert ../ to the page and save it
- Then edit the page again and add new content then click Close to save as a draft
- Gets HTTP 400
Expected Results
The saving process should be completed properly.
Actual Results
Getting HTTP 400 message after clicking the close button.
Workaround
Option 1 - Using Confluence Source Editor
- Install the Confluence Source Editor app (from Atlassian Labs) in your Confluence Server/Data Center.
- Navigate to the affected page and select Edit at the top of the page.
- Select the Open in source editor button ('<>' symbol in the upper-right corner).
- Replace the below characters with ./ and .\
../ ..\ …/ …\
- Click Apply then Update
- Refresh the page.
Option 2 - Database Manipulation
- Find the page ID via UI —> How to get Confluence page ID
- Stop Confluence
- Create a backup of Confluence's database. Save somewhere offsite for safekeeping.
- Execute the below query if the Collaborative Editing is enabled on Confluence;
update CONTENTPROPERTIES set stringval='synchrony-recovery' where propertyname = 'sync-rev-source' and contentid=<Page Id>;
- Run the following SQL query on Confluence's database:
select * from bodycontent b where b.contentid=<Page Id>;
- Get the bodycontent from the above query and open it in a text editor.
- Replace the below characters with ./ and .\
../ ..\ …/ …\
- Execute the below query to update bodycontent
update bodycontent set body='<Copy Edited Content Here>' where contentid=<Page Id>;
- Start Confluence
Please apply the changes on the test or staging environment first to prevent any data loss.
- followed by
-
-
- Closed
-
- is duplicated by
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- relates to
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- was cloned as
-
-
- Closed
-
- mentioned in
-
Page Loading...
-
-
-
-
-
[CONFSERVER-93655] Getting HTTP 400 while saving page by using the close button.
Hi 1caf9a948cc0 , I have verified again this has been fixed in 7.19.18. If you are experiencing a similar issue, it could be caused by a different request. You can check the linked issues in this ticket. If your issue is not there, please raise a support ticket so we can address it in a future release. Thank you.
Hi 2f50ce82706f , for the style sheet issue, we have a linked issue https://jira.atlassian.com/browse/CONFSERVER-94256. For the copy page issue, please kindly raise a support ticket so we can identify the exact details of the affected request. Thanks.
Still happens in v7.19.19 when you try to copy a page in which ../ is used either in headline or body and save it.
HTTP 400 shows up again once you hit the save button.
We can still reproduce the issue with 7.19.18 so I think it's not fixed yet.
Same Issue with style sheets, btw
If you have a relative path (starts wih ../) in a style sheet, then you are not able to save that anymore (http400).
Not fixed with 7.19.18 !
In 8.5.5 the close button now work, but the also reported issue with the Source Editor is not closed.
Error loading source - Unkown error occured calling server (400)
Fixed verified on 7.19.18, but we just noticed that if you create a page with ../ from the start and hit "publish", it throws a 400 error. Not as critical as the original bug, but it should still be addressed in the next release
580fc054682a Hi Babu, I just did another check on 8.5.5 and can confirm that the 400 error has been resolved. The issue you've described appears to be separate from this. I would recommend raising a support ticket for this issue, which will allow our support engineers to help identify the exact cause. Thanks
Hi 22ae454f7105 , 8.6.2 is not an LTS version so the fix is not backported there. Please refer to our bugfix policy and release notes for more info.