#31747: Avoid potential admin model enumeration -------------------------------+---------------------------------------- Reporter: Daniel Maxson | Owner: Jon Dufresne Type: New feature | Status: assigned Component: contrib.admin | Version: master Severity: Normal | Resolution: Keywords: | Triage Stage: Accepted Has patch: 1 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 1 Easy pickings: 0 | UI/UX: 0 -------------------------------+---------------------------------------- Changes (by Carlton Gibson):
* needs_better_patch: 0 => 1 Comment: I'm going to mark as Patch needs improvement for the moment. There's [https://github.com/django/django/pull/13134 some discussion on the PR] as to the best way forwards ref a break of APPEND_SLASH behaviour for the admin. It looks like we can make it work for non-staff users well enough, but there's an edge-case for staff-users with a missing permission. I would propose to move forward with that solution as a win now. We can then come back to the more difficult question of changing the APPEND_SLASH behaviour for the admin, which probably needs more discussion to get right. -- Ticket URL: <https://code.djangoproject.com/ticket/31747#comment:6> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/065.1373f54092ca2046cc06907f9a4b870e%40djangoproject.com.