[DOCU-244] Site-aware ACLs Created: 10/Jan/12 Updated: 03/Nov/15 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | content |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Neutral |
| Reporter: | Antti Hietala | Assignee: | Antti Hietala |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
| Template: |
|
| Acceptance criteria: |
Empty
|
| Date of First Response: |
| Description |
|
The purpose is to prevent a multisite scenario where content from one site can be accessed through all its sibling sites. Such a scenario hurts SEO efforts since crawlers interpret the sibling content as duplicate: it is the same content but visible through different URLs. For example, the demo-project site definition (screenshot) says that when the site is accessed via domain www.demo-project.com, content should be served from /demo-project, as defined in the handlePrefix property. However, it is also possible to access sibling site /demo-features content at the same domain using a URL such as www.demo-project.com/demo-features.html. The domain says content should be served from /demo-project but in fact it can come from /demo-features. This is the issue. To test locally:
To deny cross-site content access using the new <site> parameter:
Document the new parameter, its usage, purpose and the scenario in /administration/security/accesscontrollists. |
| Comments |
| Comment by Antti Hietala [ 10/Jan/12 ] |
|
The <site> parameter is available starting with Magnolia 4.4.6 |
| Comment by Ruth Stocks [ 07/Feb/12 ] |
|
Documented at - http://docuauthor.magnolia-cms.com/administration/security/accesscontrollists.html#Siblingsiteaccess |