Fossil SCM
RSS Feed ignores access control
Fixed
09ba8cea6fc21a4…
· opened 16 years, 2 months ago
- Type
- Code_Defect
- Priority
- —
- Severity
- Important
- Resolution
- Fixed
- Subsystem
- —
- Created
- Feb. 5, 2010 5:35 a.m.
I configured a fossil repository for non-public access only (nobody and anonymous have no privileges).
The RSS feed still shows the timeline to unauthenticated users.
Potential fix: If 'anonymous' cannot see the timeline turn RSS off.
drh added on 2010-02-05 17:06:25:
Fixed in check-in [78a6270fdc6ee90ae2edeac25ec94f2004cf6624]