[jira] [Resolved] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

brushed (JIRA) Tue, 05 Jun 2018 13:48:22 -0700


     [ 
https://issues.apache.org/jira/browse/JSPWIKI-1071?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


brushed resolved JSPWIKI-1071.
------------------------------
       Resolution: Fixed
    Fix Version/s: 2.10.5

Fixed in 2.10.5-git-03.  Using "GET" iso "POST" http requests to avoid invalid 
header in (old) mootools library 1.1x

> Ajax request header 'Connection' forbidden since 2015
> -----------------------------------------------------
>
>                 Key: JSPWIKI-1071
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1071
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Templates and UI
>    Affects Versions: 2.10.4
>            Reporter: Miguel Moquillon
>            Assignee: brushed
>            Priority: Major
>             Fix For: 2.10.5
>
>
> Since 2015, for security reason, it is no more accepted for Ajax request to 
> set the Connection HTTP header.
> Unfortunately, the Ajax in JSPWiki uses this deprecated and forbidden feature 
> :( 
> For example, in the on-fly preview  of a page edition. So any Ajax requests 
> from JSPs are blocked by the current web browser.
> This affect all versions



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

Reply via email to