incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Janne Jalkanen <>
Subject Re: JSPWIKI-502 : security issue or not ?
Date Mon, 16 Feb 2009 18:29:17 GMT

As I mentioned, this is something which was discussed many years ago.   
So I do believe that this is a security issue to quite a few people.   
ATM we have a single request for this feature; but the note below  
suggests that many people consider this functionality to be a problem.

2006-05-06  Janne Jalkanen <>

         * 2.4.4


         * Added search results filtering based on permissions,
         i.e. you no longer see pages to which you have no
         access to.  Requested by many people.

On 16 Feb 2009, at 19:26, Harry Metske wrote:

> Devs, especially Andrew,
> I would like your opinion on
> When (Lucene)searching the wiki should we tell you that a page  
> contains the
> search word while you are not authorized to view the page ?
> regards,
> Harry

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message