Details
-
Bug
-
Resolution: Fixed
-
Minor
-
14.10.21
-
None
-
Unit
-
High
-
Medium
-
N/A
-
N/A
-
Description
XWiki authentication cookies are by default IP-bound, meaning they are encoded using the IP of the browser that the user has used to authenticate. In order to authenticate the user when requesting the print preview page with the headless Chrome we need to decode the XWiki authentication cookies using the original user browser IP and re-encode them using the headless Chrome IP. But for this we need to find the headless Chrome IP address. We do this using the REST API. All this is useless when the XWiki authentication cookies are missing, e.g. because a custom authenticator is used, so we shouldn't call the REST API in this case.