View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004321 | Composr | search | public | 2020-07-14 23:11 | 2020-07-16 04:00 |
| Reporter | Adam Edington | Assigned To | Chris Graham | ||
| Severity | Feature-request | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | 10.0.31 | ||||
| Fixed in Version | 10.0.32 | ||||
| Summary | 0004321: Meta tags being shown for unvalidated entries | ||||
| Description | Logged in as a Supermember, not using SU, some of the tags which are shown are actually for entries which are unvalidated. Have used cleanup tools. | ||||
| Tags | No tags attached. | ||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||
| related to | 0004324 | non-assigned | Improve on tag (keyword) security |
|
|
side_tag_cloud block, right? |
|
|
Yes |
|
|
Automated response: side_tag_cloud block doesn't check permissions to content behind tags (keywords) Content may be inaccessible or non-validated, and the block should be able to check this. That said, there is a major performance hit doing so. The check is implemented via a new block option. Sites may want to enable the check for small sites if they are concerned about keywords leaking. However, for larger sites leaking likely would not be an issue given prevalence of existing accessible keywords. |
|
|
Fixed in git commit c7699f9ee (https://gitlab.com/composr-foundation/composr/commit/c7699f9ee - link will become active once code pushed to GitLab) A hotfix (a TAR of files to upload) has been uploaded to this issue. These files are made to the latest intra-version state (i.e. may roll in earlier fixes too if made to the same files) - so only upload files newer than what you have already. If there are files in a hot-fix that you don't have then they probably relate to addons that you don't have installed and should be skipped. Always take backups of files you are replacing or keep a copy of the manual installer for your version, and only apply fixes you need. These hotfixes are not necessarily reliable or well supported. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/). |
|
|
hotfix-4321, 2020-07-16 3am.tar (9,021,952 bytes) |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2020-07-14 23:11 | Adam Edington | New Issue | |
| 2020-07-15 16:53 | Chris Graham | Note Added: 0006649 | |
| 2020-07-15 20:39 | Guest | Note Added: 0006650 | |
| 2020-07-16 03:56 | Chris Graham | Category | core => search |
| 2020-07-16 04:00 | Chris Graham | Relationship added | related to 0004324 |
