You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The server returns a 400 Bad Request for the download URL. The download URLs look like this:
// Registered user
http://localhost:8080/xwiki/bin/get/FileManager/Download-Admin-NAhd (302 Redirect)
http://localhost:8080/xwiki/tmp/filemanager/document%3Axwiki%3AFileManager.Download-Admin-NAhd/NAhd.zip
// Unregistered user
http://localhost:8080/xwiki/bin/get/FileManager/Download-%24%7Bxcontext.userReference.name%7D-gkub (302 Redirect)
http://localhost:8080/xwiki/tmp/filemanager/document%3Axwiki%3AFileManager.Download-%24%7Bxcontext%21.userReference%21.name%7D-gkub/gkub.zip
Notice the $xcontext.userReference.name in the download URL for unregistered users. The reason is because the guest user reference is null. The Tomcat doesn't like the encoded $ character. It works fine with Jetty though. Note that the URL is properly URL-encoded but Tomcat is protected itself from some security issues and doesn't allow such an URL.
We can use Velocity's silent notation to prevent this problem.
The text was updated successfully, but these errors were encountered:
The server returns a 400 Bad Request for the download URL. The download URLs look like this:
Notice the
$xcontext.userReference.name
in the download URL for unregistered users. The reason is because the guest user reference is null. The Tomcat doesn't like the encoded$
character. It works fine with Jetty though. Note that the URL is properly URL-encoded but Tomcat is protected itself from some security issues and doesn't allow such an URL.We can use Velocity's silent notation to prevent this problem.
The text was updated successfully, but these errors were encountered: