ian
Closing stale PR. A different approach should be explored to prevent the cross-site scripting vulnerability.
Closing the issue as `fields` is not supported within `deep`. It's documented in https://github.com/directus/docs/blob/9dfdca887aedd2b8b4519d61c1fcc7bfe86520d3/content/guides/4.connect/3.query-parameters.md?plain=1#L402 Thank you.
@jaads yes that is accurate. It's a todo in the PR description 👍🏼
The patch from https://github.com/directus/directus/pull/23879 has been reverted in [v11.3.3](https://github.com/directus/directus/releases/tag/v11.3.3). Kindly use `deep` filtering instead. `/policies?deep[roles][_filter][role][_nnull]=true&deep[users][_filter][user][_nnull]=true`
@hjopel No change is planned at this time. The endpoint is working as intended based on the current data structure, where the foreign key is reused. Deep filtering is the...
I could not reproduce this issue on `11.4.0`, the bug might have been fixed. Thank you for the report.
Thank you @semorur, I was able to reproduce this issue with the removal of `foreign_key_id` from the update permissions in "many" side of the `o2m` relationship.
1. Does adding `DB_OPTIONS__TRUST_SERVER_CERTIFICATE=true` resolve the issue? Ref: [https://github.com/knex/knex/pull/4500](https://github.com/knex/knex/pull/4500) 2. I wonder if this is a concurrency or compatibility issue. Mind setting the compatibility level to 150? Eg:`ALTER DATABASE model...
@rijkvanzanten Mind elaborating on your test case? Eg: The requested query & data model. Thanks!