Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-22028

Anonymous role in demo site package contains content/view_embed policy that is too wide

    XMLWordPrintable

    Details

      Description

      Package ref: http://packages.ez.no/ezpublish/5.2/5.2.0/ezdemo_site.ezpkg
      Added in https://github.com/ezsystems/ezdemo/commit/b76ba26a84f5be7fed8d4689d331a916f70ac6b4

      Anonymous user having content/view_embed without limitations will cause embedding of content that it can not read. This includes relation links as well.

      The policy should probably be amended to mirror content/read policy.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                petar.spanja@ez.no Petar Spanja (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 50 minutes
                  2d 50m