-
Bug
-
Resolution: Fixed
-
Critical
-
1.4.6, 2.0.15
-
None
-
-
Empty show more show less
-
Yes
With site settings
site1 mapped to page page1 and domain www.domain1.com
site2 mapped to page page2 and domain www.domain2.com
and CrossSiteSecurityFilter restricting access from one to another there is a way to access first level page from other domain by calling:
www.domain1.com/page1/page2
www.domain2.com/page2/page1
- depends upon
-
MAGNOLIA-5589 Statement StringUtils.removeStart(handle, "/") is not assigned to the variable
- Closed
- is cloned by
-
MGNLETK-120 CLONE - Path handle is stripped twice thus access to another site is sometimes possible
- Closed
-
MULTISITE-11 Path handle is stripped twice thus access to another site is sometimes possible
- Closed
- relates to
-
MGNLETK-108 Cross site access should not possible over default site
- Closed