Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-19856

WordCurlyQuotesRequestWrapper breaks OAuth signing process

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • High
    • 4.0.2
    • 4.0
    • None

    Description

      If you make a GET request such as

      http://jira.atlassian.com/rest/gadget/1.0/pickers/projectsAndFilters?fieldName=quickfind&query=%20

      Tomcat will actually serve up the parameters as
      fieldName="quickfind"
      query="" (EMPTYSTRING).

      This means any attempt to use query parameters which consist only of space characters (such as typing just the space key in the project picker) will have an invalid OAuth signature as it is expected to have a value of %20.
      This then causes the token to be revoked (joy!) and pretty much prevents the gadget from working after that.

      Possibly the fix for this should be in our OAuth infrastructure, but it would appear the REST api is going to need to have a way to deal with this situation anyway so I have created this issue against JIRA.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-17903 For some JIRA gadget added in confluence page, project & filter autocomplete stop working once user authorise it

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              alynch Andrew Lynch (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: