Uploaded image for project: 'OpenId Connect'
  1. OpenId Connect
  2. OIDC-126

NPE when a dubious reference is given in the Authorization header

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • 1.32.1
    • 1.32
    • Provider
    • None
    • Unknown

    Description

      To reproduce:

      curl -H "Authorization: Bearer XWiki.Admin^XWiki.OIDC.ConsentClass[1000]/z9LdZe0-ey5cZ3OJUZC9HCCpH3cQlGFpOvDi2buI5os" http://localhost:8080/xwiki/bin/view/Main/

      Make sure XWiki.OIDC.ConsentClass[1000] does not exist.

      Attachments

        Activity

          People

            rjakse Raphaël Jakse
            rjakse Raphaël Jakse
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: