Modify ↓
#1724 closed defect (worksforme)
Revision Log RSS can be read without authentication
| Reported by: | anonymous | Owned by: | Jonas Borgström |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | version control/log view | Version: | devel |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
I am not sure this is a huge deal, I thought I would report it anyway. I have permissions to browse the source to require authentication. When I decided to add the RSS feed of the trunk's revision log to my reader, I noticed that it did not ask me for any authentication. It was able to read the feed with no problems, but I needed to authenticate when I clicked on the Read On link.
Not a big security risk since I needed to authenticate to get to the RSS feed link to begin with, but some may not like it.
Attachments (0)
Change History (2)
comment:1 by , 19 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
comment:2 by , 19 years ago
Also, be sure to read #540 to see the discussion of some of the issues regarding RSS with authentication.
Note:
See TracTickets
for help on using tickets.
This works fine for me. Maybe your RSS reader cached the authentication information when subsribing to another feed on the site. Also double-check your permissions to see how they're set up. The revision log access is based on the LOG_VIEW permission, so check that this is what you're configuring.