Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Neutral
Fix Version/s: 6.2.12
Affects Version/s: 6.2.6
Component/s: None
Labels:
- VN-Analysis
- VN-Testing

Template:
Acceptance criteria:

Empty

show more show less
Task DoD:

show more show less
Bug DoR:

show more show less
Release notes required:

Yes
Epic Link:
Headless Backlog
Sprint:
HL & LD 37, HL & LD 38
Story Points:
1

Description

Unauthorized requests may misleadingly return CORS error instead of their expected HTTP status. See ~~MGNLREST-275~~ for details/steps to reproduce.

CORS filter should be before uriSecurity;
~~MAGNOLIA-7969~~ fixed this in 6.2.6 for upgrades, however the reordering was omitted for fresh installs.

Workaround

Move cors filter before uriSecurity

Development notes

See https://wiki.magnolia-cms.com/display/ARCHI/2021-01-06+Placement+of+CORS+filter

Checklists

Acceptance criteria

Attachments

Issue Links

clones

MAGNOLIA-7969 CORS headers not added for unauthorized (401) requests

Closed

is cloned by

MGNLSITE-107 CLONE - CORS headers not added for unauthorized (401) requests

Closed

Activity

People

Assignee:: Jaroslav Simak

Reporter:: Mikaël Geljić

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Sep/21 8:38 AM

Updated:: 21/Mar/22 4:48 PM

Resolved:: 17/Sep/21 3:26 PM

Date of First Response:: 20/Sep/21 8:21 AM

Checklists

Bug DoR

Task DoD

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: