You are here: Foswiki>Tasks Web>Item1664 (05 Jul 2015, GeorgeClark)Edit Attach

Item1664: oops not generated on non existent topic

pencil
Priority: Low
Current State: Closed
Released In: 2.0.0
Target Release: major
Applies To: Engine
Component: AccessControl
Branches: master
Reported By: KwangErnLiew
Waiting For:
Last Change By: GeorgeClark
However, when a topic is nonexistent, non-authorised user will not see an oops message, but will see a Topic 'NameOfTopic' does not exist including WebLinks. Is this expected?

When viewing an existent topic in a restricted web, non-authorised users will see an oops message - as expected.

Confirming this. We "leak" that topic exist by denying existing topics in a view restricted web, but reveal that missing topics are missing. We should return an oops for any topic, missing or present, when the view restriction on the web would deny access and the topic is not overriding view permission.

-- GeorgeClark - 29 Dec 2014

ItemTemplate edit

Summary oops not generated on non existent topic
ReportedBy KwangErnLiew
Codebase 1.1.9, trunk
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Component AccessControl
Priority Low
CurrentState Closed
WaitingFor
Checkins distro:989f31cb71f9
TargetRelease major
ReleasedIn 2.0.0
CheckinsOnBranches master
trunkCheckins
masterCheckins distro:989f31cb71f9
ItemBranchCheckins
Release01x01Checkins
Edit  | Attach | Print version | History: r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r3 - 05 Jul 2015, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy