Details
-
Bug
-
Resolution: Fixed
-
High
-
4.0
-
None
-
4
-
Description
If you make a GET request such as
http://jira.atlassian.com/rest/gadget/1.0/pickers/projectsAndFilters?fieldName=quickfind&query=%20
Tomcat will actually serve up the parameters as
fieldName="quickfind"
query="" (EMPTYSTRING).
This means any attempt to use query parameters which consist only of space characters (such as typing just the space key in the project picker) will have an invalid OAuth signature as it is expected to have a value of %20.
This then causes the token to be revoked (joy!) and pretty much prevents the gadget from working after that.
Possibly the fix for this should be in our OAuth infrastructure, but it would appear the REST api is going to need to have a way to deal with this situation anyway so I have created this issue against JIRA.
Attachments
Issue Links
- relates to
-
CONFSERVER-17903 For some JIRA gadget added in confluence page, project & filter autocomplete stop working once user authorise it
- Closed