Uploaded image for project: 'Fedora Repository Project'
  1. Fedora Repository Project
  2. FCREPO-2711

Cross-Domain ACLs should not be supported

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: Fedora 5.0.0
    • Component/s: f4-auth
    • Labels:
      None

      Description

      As a follow-on to: https://jira.duraspace.org/browse/FCREPO-2688

      It should not be allowed to create a link to an ACL resource that is outside of the repository.

      For example, the following should not be allowed:

      1. create rdf resource with acl on POST
        curl -v -XPUT -H "Link: <http://google.com>; rel=\"acl\"" "http://localhost:8080/rest/test"

      Note, the above currently works but explodes on subsequent GET.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              awoods Andrew Woods
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: