Description
The redirect query parameter will be removed from Content Management’s document sharing REST endpoint to address a security vulnerability. The behavior of the endpoint will be changed to always behave as if the redirect
parameter is false
. As a result, it will not be possible to download a file by clicking a shared link without an additional step. Instead, the user will always be presented with a preview page that has a button to download the file. Please contact Genesys Cloud Care directly for inquiries relating to this change.
Change Category
API
Change Context
It was found that manipulation with redirect
query parameter may cause a potential data security threat for customers. The redirect parameter is being removed completely.
Change Impact
Customers will not be able to download a file straight away by shared link. Instead a downloading page will be shown instead with preview and/or a download button. Use cases relying on using these redirect links to perform automated downloading will now require manual interaction for a user to click the button in their browser to download the file.
Date of Change
Immediate
Impacted APIs
GET /platform/api/v2/contentmanagement/shared/{shareId}
References
[CM-5742]
[PLATFORM-4524]