wagtail-footnotes icon indicating copy to clipboard operation
wagtail-footnotes copied to clipboard

Published 20 hours ago verified publisher icon torchbox

The footnotes modal URL is not behind any authentication

Open mixxorz opened this issue 4 years ago • 2 comments
trafficstars

I can access /footnotes/footnotes_modal/ without logging in.

mixxorz avatar Jul 19 '21 12:07 mixxorz

No data is exposed, only the basic HTML for the modal is returned so it is essentially a static file (if the {% comment %} tag was removed, it literally could be a static HTML file), so I'm not sure authentication should be required here.

jsma avatar Feb 24 '22 01:02 jsma

I think it's worth looking into it further.

nickmoreton avatar Oct 17 '22 16:10 nickmoreton