spring-projects / spring-security

Spring Security
http://spring.io/projects/spring-security
Apache License 2.0
8.86k stars 5.92k forks source link

SEC-2750: Fix Invalid Links in Documentation #2976

Open spring-projects-issues opened 10 years ago

spring-projects-issues commented 10 years ago

Rob Winch (Migrated from SEC-2750) said:

error Line: 7111 http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html Status: 302 -> 404 Not Found The link is broken. Double-check that you have not made any typo, or mistake in copy-pasting. If the link points to a resource that no longer exists, you may want to remove or fix the link.

error Line: 5710 http://blog.springsource.com/2009/01/02/spring-security-customization-part-2-adjusting-secured-session-in-real-time/ redirected to http://spring.io/blog/2009/01/02/spring-security-customization-part-2-adjusting-secured-session-in-real-time/ Status: 301 -> 404 Not Found The link is broken. Double-check that you have not made any typo, or mistake in copy-pasting. If the link points to a resource that no longer exists, you may want to remove or fix the link.

error Line: 4946 http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html Status: 200 OK Some of the links to this resource point to broken URI fragments (such as index.html#fragment).

Broken fragments: http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html#setHeader(java.lang.String,java.lang.String) (line 4946) error Lines: 8948, 9140, 9148 http://en.wikipedia.org/wiki/Cross-site_scripting Status: 200 OK Some of the links to this resource point to broken URI fragments (such as index.html#fragment).

Broken fragments: http://en.wikipedia.org/wiki/Cross-site_scripting#Non-Persistent (lines 9140, 9148) error Lines: 6804, 7633, 7637 http://docs.spring.io/cdn-cgi/l/email-protection Status: 200 OK Some of the links to this resource point to broken URI fragments (such as index.html#fragment).

Broken fragments: http://docs.spring.io/cdn-cgi/l/email-protection#52383b3f3b123a373c36203b2a7c3d2035 (line 7633) http://docs.spring.io/cdn-cgi/l/email-protection#43292a2e2a032b262d27312a3b6d2c3124 (line 7637) error Lines: 875, 1973, 4541, 5167, 8197, 9070 http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ Status: 200 OK Some of the links to this resource point to broken URI fragments (such as index.html#fragment).

Broken fragments: http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#db_schema_users_authorities (line 1973) http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#nsa-frame-options-origin (line 9070) http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#concurrency-support (line 8197) http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#the-csrfInput-tag (line 4541) http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#el-pre-post-annotations-arguments (line 875) http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#headers-headers-writer (line 5167) info Line: 7393 https://localhost:9443/cas/logout Status: (N/A) Checking non-public IP address disallowed by link checker configuration The link resolved to a non-public IP address, and this link checker instance has been configured to not access such addresses. This may be a real error or just a quirk of the name resolver configuration on the server where the link checker runs. Check the link manually, in particular its hostname/IP address.

info Line: 2659 http://localhost:8080/contacts Status: (N/A) Checking non-public IP address disallowed by link checker configuration The link resolved to a non-public IP address, and this link checker instance has been configured to not access such addresses. This may be a real error or just a quirk of the name resolver configuration on the server where the link checker runs. Check the link manually, in particular its hostname/IP address.

error Line: 5037 https://mibank.example.com/ Status: (N/A) Can't connect to mibank.example.com:443 (Bad hostname 'mibank.example.com') The hostname could not be resolved. Check the link for typos.

error Line: 7215 https://server3.company.com/webapp/j_spring_cas_security_check?ticket=ST-0-ER94xMJmn6pha35CQRoZ Status: (N/A) Can't connect to server3.company.com:443 (Bad hostname 'server3.company.com') The hostname could not be resolved. Check the link for typos.

error Line: 7230 https://server3.company.com/webapp/j_spring_cas_security_proxyreceptor?pgtIou=PGTIOU-0-R0zlgrl4pdAQwBvJWO3vnNpevwqStbSGcq3vKB2SqSFFRnjPHt&pgtId=PGT-1-si9YkkHLrtACBo64rmsi3v2nf7cpCResXg5MpESZFArbaZiOKH Status: (N/A) Can't connect to server3.company.com:443 (Bad hostname 'server3.company.com') The hostname could not be resolved. Check the link for typos.

error Line: 2237 http://axschema.org/ Status: (N/A) Can't connect to axschema.org:80 (Bad hostname 'axschema.org') The hostname could not be resolved. Check the link for typos.

error Line: 7224 https://my.company.com/cas/proxyValidate?service=https%3A%2F%2Fserver3.company.com%2Fwebapp%2Fj_spring_cas_security_check&ticket=ST-0-ER94xMJmn6pha35CQRoZ&pgtUrl=https://server3.company.com/webapp/j_spring_cas_security_proxyreceptor Status: (N/A) Can't connect to my.company.com:443 (Bad hostname 'my.company.com') The hostname could not be resolved. Check the link for typos.

error Lines: 5037, 5040 https://mybank.example.com/ Status: (N/A) Can't connect to mybank.example.com:443 (Bad hostname 'mybank.example.com') The hostname could not be resolved. Check the link for typos.

error Line: 9913 http://axschema.org/contact/email Status: (N/A) Can't connect to axschema.org:80 (Bad hostname 'axschema.org') The hostname could not be resolved. Check the link for typos.

error Line: 7209 https://my.company.com/cas/login?service=https%3A%2F%2Fserver3.company.com%2Fwebapp%2Fj_spring_cas_security_check Status: (N/A) Can't connect to my.company.com:443 (Bad hostname 'my.company.com') The hostname could not be resolved. Check the link for typos.

info Line: 4637 https://github.com/spring-projects/spring-security/blob/3.2.0.RC1/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAccessDeniedHandlerTests.groovy Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

Broken fragments: https://github.com/spring-projects/spring-security/blob/3.2.0.RC1/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/NamespaceHttpAccessDeniedHandlerTests.groovy#L64 (line 4637) info Line: 4593 https://github.com/cujojs/rest Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

info Line: 1415 https://github.com/spring-projects/spring-security/tree/master/samples/ldap-jc Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

info Line: 1393 https://github.com/spring-projects/spring-security/tree/master/samples/jdbc-jc Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

info Line: 3858 https://github.com/SpringSource/spring-security/blob/master/samples/servletapi-xml Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

info Line: 4604 https://github.com/cujojs/rest/tree/master/docs Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

info Lines: 923, 954 https://github.com/spring-projects/spring-security/tree/master/samples Status: (N/A) Forbidden by robots.txt The link was not checked due to robots exclusion rules. Check the link manually.

List of redirects

The links below are not broken, but the document does not use the exact URL, and the links were redirected. It may be a good idea to link to the final location, for the sake of speed.

warning Line: 836 https://jira.springsource.org/issues/?jql=project%20%3D%20SEC%20AND%20fixVersion%20in%20(%223.2.0.RC2%22%2C%20%223.2.0%22%2C%20%223.2.0.RC1%22%2C%20%223.2.0.M2%22%2C%20%223.2.0.M1%22)%20ORDER%20BY%20priority%20DESC%2C%20issuetype%20ASC%2C%20key%20DESC redirected to https://jira.spring.io/issues/?jql=project%2520%253D%2520SEC%2520AND%2520fixVersion%2520in%2520(%25223.2.0.RC2%2522%252C%2520%25223.2.0%2522%252C%2520%25223.2.0.RC1%2522%252C%2520%25223.2.0.M2%2522%252C%2520%25223.2.0.M1%2522)%2520ORDER%2520BY%2520priority%2520DESC%252C%2520issuetype%2520ASC%252C%2520key%2520DESC Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 4487 https://jira.springsource.org/browse/SEC-2347 redirected to https://jira.spring.io/browse/SEC-2347 Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 2762 http://forum.springsource.org/ redirected to http://forum.spring.io/ Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 4826 https://jira.springsource.org/browse/SEC-2348 redirected to https://jira.spring.io/browse/SEC-2348 Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 392 http://static.springsource.org/spring-security/site/index.html redirected to http://docs.spring.io/spring-security/site/index.html Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 5115 https://jira.springsource.org/browse/SEC-2117 redirected to https://jira.spring.io/browse/SEC-2117 Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 1698 http://www.springsource.com/products/sts redirected to http://spring.io/tools Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 379 http://www.owasp.org/ redirected to https://www.owasp.org/index.php/Main_Page Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 7175 http://www.ja-sig.org/cas redirected to https://www.apereo.org/ Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 5125 https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options redirected to https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 1687 http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html redirected to http://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

warning Line: 2750 http://jira.springsource.org/browse/SEC redirected to https://jira.spring.io/browse/SEC Status: 301 -> 200 OK This is a permanent redirect. The link should be updated.

LeBezout commented 4 years ago

Hi, some broken links in OAuth 2.0 Migration Guide https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide

Links to fix (404)

Fix

https://docs.spring.io/spring-security-oauth2-boot/docs/current/reference/htmlsingle/ => https://docs.spring.io/spring-security-oauth2-boot/docs/current/reference/html5/

Or implement redirection like "spring-security" : https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#webflux-oauth2resourceserver-jwt-authorization

jzheaux commented 4 years ago

Thanks, @LeBezout, for the report. Will you please open a separate ticket for that?