<!-- 
RSS generated by JIRA (9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b) at Mon Feb 12 01:07:17 CET 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>Magnolia - Issue tracker</title>
    <link>https://jira.magnolia-cms.com</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-uk</language>    <build-info>
        <version>9.4.2</version>
        <build-number>940002</build-number>
        <build-date>19-01-2023</build-date>
    </build-info>


<item>
            <title>[DOCU-244] Site-aware ACLs</title>
                <link>https://jira.magnolia-cms.com/browse/DOCU-244</link>
                <project id="10190" key="DOCU">Documentation</project>
                    <description>&lt;p&gt;&lt;a href=&quot;https://jira.magnolia-cms.com/browse/MAGNOLIA-3915&quot; title=&quot;URI Permission assignment does not respect multi-site configuration&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MAGNOLIA-3915&quot;&gt;&lt;del&gt;MAGNOLIA-3915&lt;/del&gt;&lt;/a&gt; introduced a new ACL parameter &lt;tt&gt;&amp;lt;site&amp;gt;&lt;/tt&gt; that can be added at the beginning of a path or URL. The parameter applies the ACL rule when the current site definition matches its value.&lt;/p&gt;

&lt;p&gt;The purpose is to prevent a multisite scenario where content from one site can be accessed through all its sibling sites. Such a scenario hurts SEO efforts since crawlers interpret the sibling content as duplicate: it is the same content but visible through different URLs.&lt;/p&gt;

&lt;p&gt;For example, the &lt;tt&gt;demo-project&lt;/tt&gt; site definition (screenshot) says that when the site is accessed via domain &lt;tt&gt;www.demo-project.com&lt;/tt&gt;, content should be served from &lt;tt&gt;/demo-project&lt;/tt&gt;, as defined in the &lt;tt&gt;handlePrefix&lt;/tt&gt; property. However, it is also possible to access sibling site &lt;tt&gt;/demo-features&lt;/tt&gt; content at the same domain using a URL such as &lt;tt&gt;www.demo-project.com/demo-features.html&lt;/tt&gt;. The domain says content should be served from &lt;tt&gt;/demo-project&lt;/tt&gt; but in fact it can come from &lt;tt&gt;/demo-features&lt;/tt&gt;. This is the issue.&lt;/p&gt;

&lt;p&gt;To test locally:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;In your &lt;a href=&quot;http://en.wikipedia.org/wiki/Hosts_(file)&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;hosts file&lt;/a&gt;, map &lt;tt&gt;www.demo-project.com&lt;/tt&gt; to &lt;tt&gt;127.0.0.1&lt;/tt&gt;.
&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;127.0.0.1       www.demo-features.com
&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;&lt;/li&gt;
	&lt;li&gt;&lt;a href=&quot;http://www.techiecorner.com/35/how-to-flush-dns-cache-in-linux-windows-mac/&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Flush the DNS cache&lt;/a&gt;.&lt;/li&gt;
	&lt;li&gt;Request content at &lt;tt&gt;&lt;a href=&quot;http://www.demo-project.com:8080/magnoliaPublic/demo-features.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.demo-project.com:8080/magnoliaPublic/demo-features.html&lt;/a&gt;&lt;/tt&gt;. You can see content from the sibling site &lt;tt&gt;/demo-features&lt;/tt&gt;, which is not good. &lt;br class=&quot;atl-forced-newline&quot; /&gt; &lt;br class=&quot;atl-forced-newline&quot; /&gt;&lt;/li&gt;
&lt;/ol&gt;


&lt;p&gt;To deny cross-site content access using the new &lt;tt&gt;&amp;lt;site&amp;gt;&lt;/tt&gt; parameter:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;Log into AdminCentral on the public instance and edit the &lt;tt&gt;anonymous&lt;/tt&gt; role.&lt;/li&gt;
	&lt;li&gt;Add an ACL in the &lt;tt&gt;URL&lt;/tt&gt; space. Deny access to &lt;tt&gt;&amp;lt;demo-project&amp;gt;/demo-features*&lt;/tt&gt;. Angle brackets should be included. The first part in the brackets means &quot;apply this ACL when the site definition &lt;tt&gt;demo-project&lt;/tt&gt; is applied&quot;. The second part means &quot;deny access to content at &lt;tt&gt;/demo-features&lt;/tt&gt; and below&quot;.&lt;/li&gt;
	&lt;li&gt;Save the role.&lt;/li&gt;
	&lt;li&gt;Log out.&lt;/li&gt;
	&lt;li&gt;Request content at &lt;tt&gt;&lt;a href=&quot;http://www.demo-project.com:8080/magnoliaPublic/demo-features.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.demo-project.com:8080/magnoliaPublic/demo-features.html&lt;/a&gt;&lt;/tt&gt;. You should be denied access and presented a login screen instead.&lt;/li&gt;
	&lt;li&gt;Request content at &lt;tt&gt;&lt;a href=&quot;http://www.demo-features.com:8080/magnoliaPublic/demo-features.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://www.demo-features.com:8080/magnoliaPublic/demo-features.html&lt;/a&gt;&lt;/tt&gt;. Now content should be served since you are requesting it via a domain that is mapped to a different site definition &lt;tt&gt;demo-features&lt;/tt&gt;. &lt;br class=&quot;atl-forced-newline&quot; /&gt; &lt;br class=&quot;atl-forced-newline&quot; /&gt;&lt;/li&gt;
&lt;/ol&gt;


&lt;p&gt;Document the new parameter, its usage, purpose and the scenario in /administration/security/accesscontrollists.&lt;/p&gt;</description>
                <environment></environment>
        <key id="22683">DOCU-244</key>
            <summary>Site-aware ACLs</summary>
                <type id="2" iconUrl="https://jira.magnolia-cms.com/secure/viewavatar?size=xsmall&amp;avatarId=10891&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/priorities/neutral.gif">Neutral</priority>
                        <status id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are not closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="ahietala">Antti Hietala</assignee>
                                    <reporter username="ahietala">Antti Hietala</reporter>
                        <labels>
                    </labels>
                <created>Tue, 10 Jan 2012 14:28:24 +0100</created>
                <updated>Tue, 3 Nov 2015 14:40:19 +0100</updated>
                                                                            <component>content</component>
                        <due></due>
                            <votes>0</votes>
                                    <watches>0</watches>
                                                                                                                <comments>
                            <comment id="43068" author="ahietala" created="Tue, 10 Jan 2012 15:03:36 +0100"  >&lt;p&gt;The &amp;lt;site&amp;gt; parameter is available starting with Magnolia 4.4.6&lt;/p&gt;</comment>
                            <comment id="43990" author="ruths" created="Tue, 7 Feb 2012 10:05:08 +0100"  >&lt;p&gt;Documented at - &lt;a href=&quot;http://docuauthor.magnolia-cms.com/administration/security/accesscontrollists.html#Siblingsiteaccess&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://docuauthor.magnolia-cms.com/administration/security/accesscontrollists.html#Siblingsiteaccess&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                            <attachment id="15600" name="demo-project-site-definition.png" size="72542" author="ahietala" created="Tue, 10 Jan 2012 14:48:11 +0100"/>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                            <customfield id="customfield_14166" key="com.okapya.jira.checklist:checklist">
                        <customfieldname>Acceptance criteria</customfieldname>
                        <customfieldvalues>
                            
        <checklist>
        <![CDATA[
                            




                
                                    <div class="o-completion" style="display: flex; flex-shrink: 0;"><span  class="aui-lozenge aui-lozenge-complete" style="font-size: 12px; font-weight: normal; display: flex; flex-direction: row; align-items: center;" ><span style="padding-right: 4px; vertical-align: middle;"><svg width="15" height="15" viewBox="0 0 15 15" xmlns="http://www.w3.org/2000/svg" fill="white"><path clip-rule="evenodd" d="m10.41037,3.42544l-7.86501,0c-0.72395,0 -1.31084,0.58688 -1.31084,1.31084l0,7.86508c0,0.7239 0.58689,1.3108 1.31084,1.3108l7.86501,0c0.724,0 1.3109,-0.5869 1.3109,-1.3108l0,-7.86508c0,-0.72396 -0.5869,-1.31084 -1.3109,-1.31084zm-7.86501,-0.65542c-1.08593,0 -1.96626,0.88032 -1.96626,1.96626l0,7.86508c0,1.0859 0.88033,1.9662 1.96626,1.9662l7.86501,0c1.086,0 1.9663,-0.8803 1.9663,-1.9662l0,-7.86508c0,-1.08594 -0.8803,-1.96626 -1.9663,-1.96626l-7.86501,0z" fill-rule="evenodd"/><path d="m5.09049,10.18526l-1.82767,-1.82766l-0.78479,0.78479l2.61246,2.61246l5.38758,-5.38754l-0.78483,-0.78479l-4.60275,4.60274z"/></svg></span><span>Empty</span></span></div>
                        ]]>
    </checklist>


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10111" key="com.atlassian.jira.toolkit:reporterdomain">
                        <customfieldname>Company</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>magnolia-cms.com</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10031" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 7 Feb 2012 10:05:08 +0100</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_12730" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_14151" key="com.atlassian.jira.toolkit:message">
                        <customfieldname>Docu info</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10061" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comm is not jira-dev</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10071" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last participant</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>mmuehlebach</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_13136" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            12 years, 2 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10020" key="com.atlassian.jira.toolkit:attachments">
                        <customfieldname>Number of attachments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10150" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname>Number of comments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>ahietala</customfieldvalue>
            <customfieldvalue>ruths</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10833" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i03vc7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10244" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>22687</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14145" key="com.intenso.jira.issue-templates:issue-templates-customfield">
                        <customfieldname>Template</customfieldname>
                        <customfieldvalues>
                            


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_15131" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Time in Discovery</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    </customfields>
    </item>
</channel>
</rss>