[MAGNOLIA-8162] Image URI with spaces cause CsrfTokenSecurityFilter#generateCookie to fail Created: 23/Aug/21 Updated: 10/Nov/21 Resolved: 01/Nov/21 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | 6.2.12 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Neutral |
| Reporter: | Federico Grilli | Assignee: | Unassigned |
| Resolution: | Obsolete | Votes: | 1 |
| Labels: | csrf, maintenance | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Template: | |||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||
| Bug DoR: |
[X]*
Steps to reproduce, expected, and actual results filled
[X]*
Affected version filled
|
||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||
| Description |
|
If request.getServletPath() contains spaces, then URI(path) throws
Exception in thread "main" java.net.URISyntaxException: Illegal character in path at index 51: /dam/jcr:d0836006-76be-458d-baa0-fd03ee061e57/image name with spaces.jpg
at java.base/java.net.URI$Parser.fail(URI.java:2913)
at java.base/java.net.URI$Parser.checkChars(URI.java:3084)
at java.base/java.net.URI$Parser.parseHierarchical(URI.java:3166)
at java.base/java.net.URI$Parser.parse(URI.java:3125)
at java.base/java.net.URI.<init>(URI.java:600)
at Scratch.main(Scratch.java:14)
Wondering why image links use asset name instead of JCR name (which has spaces replaced with dash). Possibly for SEO reasons? At any rate, solving Workaround:
|
| Comments |
| Comment by Michael Duerig [ 01/Nov/21 ] |
|
Not a problem any more. With MAGNOLIA-7899 the servlet path is not part of the cookie any more.
|