Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: Release 1.1
    • Fix Version/s: Release 1.1
    • Component/s: Server
    • Labels:
      None

      Description

      User pages aren't protected when you access them directly.

      For example in a browser window with no session, try the following URL: http://esmecloudserverapache.dickhirsch.staxapps.net/user/esjewett

      You can access the page although you aren't even logged in.

        Activity

        Hide
        hudson Hudson added a comment -

        Integrated in ESME #326 (See https://hudson.apache.org/hudson/job/ESME/326/)
        ESME-260 Fixes issue with protection of user, tag, contacts, and public timeline pages

        Show
        hudson Hudson added a comment - Integrated in ESME #326 (See https://hudson.apache.org/hudson/job/ESME/326/ ) ESME-260 Fixes issue with protection of user, tag, contacts, and public timeline pages
        Hide
        esjewett Ethan Jewett added a comment -

        Patch was just committed - actually fixes the issue for /user /tag /info_view/public and /info_view/contacts pages.

        Show
        esjewett Ethan Jewett added a comment - Patch was just committed - actually fixes the issue for /user /tag /info_view/public and /info_view/contacts pages.

          People

          • Assignee:
            esjewett Ethan Jewett
            Reporter:
            rhirsch Dick Hirsch
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development