Remo Liechti created SLING-12845:
------------------------------------
Summary: ProtectHeadersOnInclude functionality ignores changes to
the response buffer size
Key: SLING-12845
URL: https://issues.apache.org/jira/browse/SLING-12845
Project: Sling
Issue Type: Bug
Components: Engine
Affects Versions: Engine 3.0.0, Engine 2.16.4
Reporter: Remo Liechti
Assignee: Remo Liechti
See related issue SLING-12697 that has weakened the checks for committed
responses to not flag cases for {{sendRedirect}} and {{sendError.}}
However, this check is not sufficient enough. In cases where the response is
committed for other reasons than sendRedirect or sendError, violations still
need to be flagged.
The check needs to distinguish the cases of sendRedirect and sendError, to not
flag a violation, but also detect committed responses for other cases, such as:
* manually committed responses that are done through code, like writing
directly to the response writer or outputstream
* responses that get committed because the buffer if full and needs to be
flushed
* any others...
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
