[jboss-jira] [JBoss JIRA] (WFCORE-3416) User redirected with HTTP 301 instead of 302 in admin-only mode
Jeff Mesnil (JIRA)
issues at jboss.org
Thu Feb 8 04:03:01 EST 2018
[ https://issues.jboss.org/browse/WFCORE-3416?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jeff Mesnil updated WFCORE-3416:
--------------------------------
Fix Version/s: 3.1.0.Final
> User redirected with HTTP 301 instead of 302 in admin-only mode
> ---------------------------------------------------------------
>
> Key: WFCORE-3416
> URL: https://issues.jboss.org/browse/WFCORE-3416
> Project: WildFly Core
> Issue Type: Bug
> Components: Server
> Affects Versions: 4.0.0.Alpha2
> Environment: JBoss EAP 7.1.0.Alpha and 7.0.5
> OS : RHEL 7
> Reporter: Tomas Hofman
> Assignee: Tomas Hofman
> Fix For: 4.0.0.Alpha5, 3.1.0.Final
>
>
> The issue isn't that the console isn't working in admin-only mode. It's that a permanent redirect is issued for a temporary condition. The redirect from the console root URL should use a 302, not a 301, since the appropriate target depends on whether the server was started in admin-only mode.
> The root URL of the admin console ( / ) does a permanent redirect (301) to the final target. Normally it's a redirect to /console/index.html. But if the server is started in admin-only mode then /console/index.html doesn't return a sensible error (Chrome reports that the connection to the server was lost). If a browser has cached the permanent redirect, it won't be clear why the console isn't working.
> On the other hand if the server is started in domain-only mode and the browser caches the permanent redirect to /consoleerror/noConsoleForAdminModeError.html, then the browser will continue to load /consoleerror/noConsoleForAdminModeError.html even after the server is started without --admin-only.
> A 301 redirect is inappropriate since "admin-only" isn't a permanent state.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list