Details
-
Bug
-
Resolution: Fixed
-
High
-
3.3.15, 4.0.2
-
None
Description
ESI responses in Page Builder's block are rendered passing the landing page's content id and version number. If for any reason ESI response for a block is requested with a version of the landing page that is no longer available, the page will be redirected to the login form.
Steps to reproduce
1. Clean installation of Ibexa DXP v3.3 with Translation based HTTP Cache invalidation enabled and Varnish
2. Create an additional Polish (pol-PL) language.
3. Create and publish Test Folder Folder (eng-GB).
4. Create and publish a Test LP Landing Page (eng-GB) with an embed block pointing to Test Folder.
5. Add a polish translation for Test LP and publish it. This will create Version 2 for the Test LP.
6. In incognito mode view Test LP in the English language on the front end to cache the response.
7. In the backend edit Polish translation and publish it. This will create Version 3 for the Test LP.
8. Purge HTTP cache for the Test Folder
php bin/console fos:httpcache:invalidate:tag c<contentId>
please replace <contentId> with Test Folder content Id.
9. In incognito mode view Test LP in the English language on the front end.
Result
You will be redirected to the login page.
Expected Result
Page is displayed normally.
This occurs because the ESI fragment is requested from the cached English response of Test LP, which is in Version 2, but Version 3 is already published, therefore Version 2 is archived. Anonymous user does not have access to the archived versions of the content, therefore redirection to the login form is rendered.