Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-27952

Misuse of REST continuationToken results in HTTP/406, not 400

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.27.0
    • Fix Version/s: None
    • Component/s: REST
    • Labels:
    • Notability:
      4

      Description

      If a continuationToken is used incorrectly (perhaps reused across unique requests), Nexus will return a 406 Not Acceptable, instead of 400 Bad Request. It seems like a 406 should only involve bad content negotiation headers; the continuationToken is a query string value:

      https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/406

      The problem with the continuationToken is logged in this way:

      2021-06-16 15:49:56,053+0000 WARN [qtp435861612-346850] *UNKNOWN org.sonatype.nexus.siesta.internal.WebappExceptionMapper - (ID 989ee72d-69d6-470d-8b9e-b2f9721eb80a) Response: [406] (no entity/body); mapped from: javax.ws.rs.WebApplicationException: Continuation token <the-cont-token> does not match this query

      This also isn't a defined response code in the REST API Swagger doc.

       

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            jkruger John Kruger
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response:

                tigCommentSecurity.panel-title