Details

    • Branch Version/s:
      6.2.x
    • Backported to Branch:
      Committed

      Description

      Steps to reproduce:

      1. In a vanilla installation, in your localhost go to http://localhost:8080/api/jsonws/company/get-company-by-virtual-host/virtual-host/localhost?p_auth=7vGaicGJ
      2. Assert that it works
      3. Retry using http://localhost:8080/api/jsonws/company/get-company-by-virtual-host/virtual-host/localhost (note that the p_auth parameter has been removed)
      4. Assert that it fails and a message SECURITY EXCEPTION is printed in the page:
      5. Go to the browser console and check the status header.
        Current: Shows a 200 code
        Expected: An error code

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              roberto.diaz Roberto Díaz
              Reporter:
              roberto.diaz Roberto Díaz
              Participants of an Issue:
              Recent user:
              Michael Saechang
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                4 years, 4 weeks, 4 days ago

                  Packages

                  Version Package
                  6.2.X EE