In Confluence 7.19.17 we have found a bug.
When we edit a page with body, that has symbols
"../", the page could not to be previewed or closed.
So we have a 400 error response when we pressed button “Preview” or “Close”.
>>> Request
POST /pages/rendercontent.action HTTP/1.1
Host: confluence-test.hidden.domain
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Atlassian-Token: no-check
X-Requested-With: XMLHttpRequest
Content-Length: 149
Origin: https://confluence-test.hidden.domain
Connection: keep-alive
Referer: https://confluence-test.hidden.domain/pages/editpage.action?pageId=631996965
Cookie: JSESSIONID=F7F533BCA93FF15DD7FAF1C369C06079; CONFLUENCE_RETURNTOCOOKIE=https://confluence-test.hidden.domain/; DEVICEDETAILS=Mozilla/5.0 (Windows NT 10.0: Win64: x64: rv:120.0) Gecko/20100101 Firefox/120.0||Firefox||Windows OS||PDF Viewer, Chrome PDF Viewer, Chromium PDF Viewer, Microsoft Edge PDF Viewer, WebKit built-in PDF||false||Mozilla||en-US, en||true||East Kazakhstan Time||en-US||true; seraph.confluence=666697729%3A0cc11a89bb3de7c43c2a74195f7b8f35dabdc525; confluence.browse.space.cookie=space-templates
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
>>> Response
HTTP/1.1 400
Server: nginx
Date: Fri, 22 Dec 2023 17:31:12 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 762
Connection: keep-alive
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Confluence-Request-Time: 1703266272537
X-Seraph-LoginReason: OK
X-AUSERNAME: hidden_username
Content-Language: en
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.