|
|
Nick Muerdter created an issue |
|
Issue Type: |
|
|---|---|
|
Affects Versions: |
2.9.0 |
|
Assignee: |
Unassigned |
|
Components: |
GWC, Vulnerability |
|
Created: |
13/Jul/16 9:18 AM |
|
Priority: |
|
|
Reporter: |
|
In certain GeoServer configuration setups, it’s possible to bypass the “Enable Data Security” option in GeoWebCache and gain access to cached WMS tiles that should be private. I can provide more detailed information on the types of configurations that exhibit this issue, but since this could be considered a security issue, I thought I’d see how you wanted to proceed first. I also have a potential patch for this bug that I can share. So let me know if you’d like for me to share more details and the patch in private or in public. Thanks! |
|
|
|
This message was sent by Atlassian JIRA (v1000.148.2#100005-sha1:f06b59a) |
|
|