Loading...
 
Features / Usability

Features / Usability


Security issue: all structure layouts visible to anyone

posts: 38

I came across the following issue related to security: a number of structures on my server are only meant to be seen by certain logged in users. By assigning a category to the structure, and given only a group access to pages in this category, this works fine.
However, the listing of the layout (list of page titles) of these structures is then still visible to anyone, when the right http adres is typed.
This may not be a problem - but the right search string in e.g. google would directly lead to a page listing such a structure layout,
for example to a page like
http://MYSERVER/wiki/tiki-edit_structure.php?page_ref_id=121
Any suggestions how this can be prevented?
thanks! Han

posts: 1817 Catalan Countries

yes, some code improvement is needed for structures!
indeed
also printing structures is not very efficient in terms of memory usage.
so structures feature seems to need some "love" by some coder
If you could help getting some coders to fix it, it would be great...
my 2 cents (from a non-coder perspective)



posts: 38

thanks, but I did that already. All the individual pages in the structure are assigned to the appropriate (restricted access) category, but still their titles are visible to anyone through the indicated url
Han


Upcoming Events

1)  18 Apr 2024 14:00 GMT-0000
Tiki Roundtable Meeting
2)  16 May 2024 14:00 GMT-0000
Tiki Roundtable Meeting
3)  20 Jun 2024 14:00 GMT-0000
Tiki Roundtable Meeting
4)  18 Jul 2024 14:00 GMT-0000
Tiki Roundtable Meeting
5)  15 Aug 2024 14:00 GMT-0000
Tiki Roundtable Meeting
6)  19 Sep 2024 14:00 GMT-0000
Tiki Roundtable Meeting
7) 
Tiki birthday
8)  17 Oct 2024 14:00 GMT-0000
Tiki Roundtable Meeting
9)  21 Nov 2024 14:00 GMT-0000
Tiki Roundtable Meeting
10)  19 Dec 2024 14:00 GMT-0000
Tiki Roundtable Meeting