Homec4science
Diffusion invenio-infoscience 0e0f3e518c46

WebSearch: 'verbose' mode available to admins only
0e0f3e518c46
Actions

Authored by Ludmila Marian <ludmila.marian@gmail.com> on Oct 15 2012, 16:06.

Description

WebSearch: 'verbose' mode available to admins only

  • The use of 'verbose' parameter for search pages is restricted to superadmins only, since it could expose potentially sensitive information, such as record IDs even though record content would remain restricted.

Details

Committed
Tibor Simko <tibor.simko@cern.ch>Oct 16 2012, 10:27
Parents
R3600:c089ce6cee2d: WebSearch: external search XSS vulnerability fix
Branches
Unknown
Tags
Unknown

Event Timeline

Tibor Simko <tibor.simko@cern.ch> committed R3600:0e0f3e518c46: WebSearch: 'verbose' mode available to admins only (authored by Ludmila Marian <ludmila.marian@gmail.com>).Oct 16 2012, 10:27

Changes (1)

Path
Mmodules/websearch/lib/websearch_webinterface.py

R3600:0e0f3e518c46

View Options

modules/websearch/lib/websearch_webinterface.py

Loading...
c4science ยท Help