Opened 9 years ago

Closed 8 years ago

#1522 closed defect (worksforme)

Typing a ticket number into a search lets users see ticket summaries they shouldn't.

Reported by: stevemccusker@… Owned by: coderanger
Priority: low Component: PrivateTicketsPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.10


If the user enters # followed by a ticket number into the Trac search page, the ticket with that number will appear in the search results as a Quick Jump, even if they should not be able to see the ticket. This displays the ticket summary. If they click on the quick jump it doesn't display the page because they do not have permission to view it.

Howeve there are many situations where you do not want users to see even the summaries of the tickets that they do not have permission to view.

I am using 0.10.4 on Windows (XP and SBS 2003).

It doesn't do the quickjump if you enter # number into the search box on ordinary Wiki pages.

Attachments (0)

Change History (1)

comment:1 Changed 8 years ago by coderanger

  • Resolution set to worksforme
  • Status changed from new to closed

No longer an issue in the 0.11 port as we are now a policy plugin.

Add Comment

Modify Ticket

as closed The owner will remain coderanger.
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.