Opened 15 years ago
Last modified 14 years ago
#5848 closed defect
1.0.6 returns different HTTP response code when privileges are insufficient — at Initial Version
Reported by: | Steffen Pingel | Owned by: | osimons |
---|---|---|---|
Priority: | normal | Component: | XmlRpcPlugin |
Severity: | normal | Keywords: | |
Cc: | Trac Release: | 0.11 |
Description
I noticed that some of the Mylyn tests failed after I updated the XML-RPC plugin from version 1.0.2 to 1.0.6. Some tests perform operations without being authenticated and expect an HTTP 403 "Forbidden" response. Instead a 200 response is returned with an error message.
I am also confused by the faultCode which is set to "1" which was previously only used if a method did not exist (and Mylyn relies on that for proper error handling).
Caputured output for version 1.0.6:
POST /trac011/xmlrpc HTTP/1.1 Content-Type: text/xml User-Agent: Mylyn HttpClient/3.1 Java/1.5.0_20 (Sun) Linux/2.6.31-10-generic-pae (i386) Host: mylyn.eclipse.org Content-Length: 117 <?xml version="1.0" encoding="UTF-8"?><methodCall><methodName>system.getAPIVersion</methodName><params/></methodCall>HTTP/1.1 200 Ok Date: Sun, 20 Sep 2009 19:29:19 GMT Server: Apache/2.2.0 (Linux/SUSE) Content-Length: 312 Content-Type: text/xml <?xml version='1.0'?> <methodResponse> <fault> <value><struct> <member> <name>faultCode</name> <value><int>1</int></value> </member> <member> <name>faultString</name> <value><string>XML_RPC privileges are required to perform this operation</string></value> </member> </struct></value> </fault> </methodResponse>
Captured output for 1.0.2:
POST /trac010/xmlrpc HTTP/1.1 Content-Type: text/xml User-Agent: Mylyn HttpClient/3.1 Java/1.5.0_20 (Sun) Linux/2.6.31-10-generic-pae (i386) Host: mylyn.eclipse.org Content-Length: 117 <?xml version="1.0" encoding="UTF-8"?><methodCall><methodName>system.getAPIVersion</methodName><params/></methodCall>HTTP/1.1 403 Forbidden Date: Sun, 20 Sep 2009 19:41:16 GMT Server: Apache/2.2.0 (Linux/SUSE) Cache-control: must-revalidate Expires: Fri, 01 Jan 1999 00:00:00 GMT Set-Cookie: trac_form_token=3697f2514a8b2dfafcb60c66; Path=/trac010; Set-Cookie: trac_session=f3401d36e4c23809577bfb82; expires=Sat, 19-Dec-2009 19:41:16 GMT; Path=/trac010; Content-Length: 2897 Content-Type: text/html;charset=utf-8 <!DOCTYPE html ...
Note: See
TracTickets for help on using
tickets.