Lars Krapf created SLING-4415:
---------------------------------
Summary: :applyTo should not display changeLog (when operation
fails)
Key: SLING-4415
URL: https://issues.apache.org/jira/browse/SLING-4415
Project: Sling
Issue Type: Bug
Components: Servlets
Affects Versions: Servlets Post 2.3.6
Reporter: Lars Krapf
When the :applyTo operation fails the change-log leaks information about the
internal path-structure even when the requesting session does not have access
to these paths.
One solution would be to completely omit the ChangeLog (at least when the
operation fails), another option would be to make the :sendError behaviour
configurable in the POST servlet, so that the error message can be reliably
overlaid.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
