[ECA-7540] Importing a CVCA certificate with error triggers CSRF error - PrimeKey Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: EJBCA 6.15.1
Fix Version/s: EJBCA 7.0.0, EJBCA 6.15.2
Component/s: None
Labels:
- CVC
- importcacert
Environment:
JBoss AS 7.1.1, WIldfly 10.1.
OpenJDK 7, OpenJDK 8.

Issue discovered during:
Another issue
Sprint:
EJBCA Team Bob - 2018 w45, EJBCA Team Bob - 2018 w48

Description

Affects 6.15.x branch only (JSP page).

If you import some CA Certificates of CVC type on the "Certification Authorities" page, you get a CSRF error.
For example the attached one, which has a certificate extension.

I can reproduce it on JBoss AS 7.1.1 and WIldfly 10.1, and on OpenJDK 7 and 8.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

diff1.txt
2018-11-27 15:00
5 kB
Tomas Gustavsson
GenericRequestWrapper.java
2018-11-27 15:00
4 kB
Tomas Gustavsson
MultipartFormData.java
2018-11-27 15:00
47 kB
Tomas Gustavsson
SECVCA10300000_SECVCA10300000.cvcert
2018-11-23 15:46
0.4 kB
Samuel Lidén Borell
two_ff_bytes.bin
2018-11-23 16:56
0.0 kB
Samuel Lidén Borell

Issue Links

linked with

DeskPRO #798 SG Assurity EJBCA getting CSRF when doing End Entity Profile Import

Activity

People

Assignee:: Tomas Gustavsson

Reporter:: Samuel Lidén Borell

Verified by:: Andrey Sergeev

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2018-11-23 15:38

Updated:: 2019-08-29 09:55

Resolved:: 2018-11-27 15:10

Time Tracking

Estimated:

Remaining:

40m

Logged:

7h 20m