elnode wiki does not properly validate authentication on GET #17

Open
nicferrier opened this Issue Jul 17, 2012 · 1 comment

Comments

Projects
None yet
1 participant
Owner

nicferrier commented Jul 17, 2012

https://github.com/nicferrier/elnode/blob/master/elnode-wiki.el#L148

this code just checks the cookie, it doesn't check that the cookie is still valid. we need a new function authenticated-p that checks the cookie.

I guess that the authenticated-p function needs to be aware of the authentication scheme because it might not be cookie checking.

@ghost ghost assigned nicferrier Jul 17, 2012

Owner

nicferrier commented Jul 17, 2012

Not a critical bug I think... if you try and edit the authentication will be checked properly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment