Vulnerability in EPiServer.Forms
We are using Geta.NotFoundHandler.Optimizely for redirects. We are having trouble redirect pages that are not visible to everyone but only to our members.
All the pages that are behind login are not redirecting.
https://www.test.com/my/page1 -> https://www.test.com/my/page2
Just to ask the question and trying to pinpoint this, what happens if the restrictions on these pages are removed (temporaily), do the pages redirect as expected?
If this can be tested on a DXP enviornment, do any errors show in the passportal? Or debug this locally where errors can be logged/tracked
I believe the Geta Notfound Handler only actions it's redirect logic if it is a legitimate 404 error e.g. Content does not exist. In your case the error is a 401 error at which point you'll need to add your own handler logic around users without permissions.
Thanks for the input Mark.
You are right Geta Notfound handler redirects if its a genuine 404 error. We were trying to redirect from one page URL to another, both existed in CMS.
So yes Get Notfound handler works as expected. We can redirect CMS page to another URL by using CMS page settings / options.