Document sharing link: removing Redirect query parameter due to vulnerability

Description

The redirect query parameter will be removed from Content Management’s document sharing REST endpoint to address a security vulnerability. The behavior of the endpoint will be changed to always behave as if the redirect parameter is false. As a result, it will not be possible to download a file by clicking a shared link without an additional step. Instead, the user will always be presented with a preview page that has a button to download the file. Please contact Genesys Cloud Care directly for inquiries relating to this change.

Change Category

API

Change Context

It was found that manipulation with redirect query parameter may cause a potential data security threat for customers. The redirect parameter is being removed completely.

Change Impact

Customers will not be able to download a file straight away by shared link. Instead a downloading page will be shown instead with preview and/or a download button. Use cases relying on using these redirect links to perform automated downloading will now require manual interaction for a user to click the button in their browser to download the file.

Date of Change

Immediate

Impacted APIs

GET /platform/api/v2/contentmanagement/shared/{shareId}

References

[CM-5742]
[PLATFORM-4524]