dspace-angular icon indicating copy to clipboard operation
dspace-angular copied to clipboard

Published 20 hours ago verified publisher icon DSpace

401 Unauthorized metadata-export-search request on search page requests

Open paulo-graca opened this issue 1 year ago • 1 comments

Describe the bug

As an anonymous user, when navigating DSpace, on search pages (I've also found this in Apache Logs), I encounter some metadata-export-search requests that always return 401 Unauthorized codes. This isn't the problem, is expected to return that result. The problem is why the requests are made in the first place. Shouldn't we use some kind of feature request to validate the access?

image

To Reproduce

Steps to reproduce the behavior:

  1. I used demo.dspace.org to reproduce the issue (DSpace 8, but also affects DSpace 7.6.1)
  2. I first access to the first page
  3. Then, did a search (without any search keyword)
  4. List every request using Browser's DevTools and there was the 401 Unauthorized

Expected behavior

I was expecting that features requests could be used instead. Something like:

https://demo.dspace.org/server/api/authz/authorizations/search/object?uri=https://demo.dspace.org/server/api/...&feature=...&embed=feature

paulo-graca avatar Sep 19 '24 13:09 paulo-graca