From: "Bilgin Ibryam" <bibr...@gmail.com>
On Fri, Dec 17, 2010 at 9:12 AM, Jacques Le Roux <
jacques.le.r...@les7arts.com> wrote:
Hi,
I wonder about this in ajaxAutocompleteOptions screen
framework/common/widget/CommonScreens.xml
<<FindAutocompleteOptions.groovy FIXME: Disabled because it represents a
security hole.>>
Should we care about it, or simply remove the commentted out snippet?
Thanks
Jacques
You can remove the comment without worries. It applies to the old version of
the FindAutocompleteOptions.groovy where entityName was retrieved from
parameters, thus allowing users to query any entity.
Bilgin
Thanks Bilgin,
Done at r1055370
Jacques
