Bertrand Delacretaz created SLING-8172:
------------------------------------------
Summary: Capabilities module: move SlingServletsSource to test code
Key: SLING-8172
URL: https://issues.apache.org/jira/browse/SLING-8172
Project: Sling
Issue Type: Improvement
Components: Capabilities
Affects Versions: org.apache.sling.capabilities.jcr 0.1.0
Reporter: Bertrand Delacretaz
Assignee: Bertrand Delacretaz
Fix For: org.apache.sling.capabilities 0.2.0
The {{SlingServletsSource}} could easily lead people to exposing unwanted
information, crossing trust boundaries, by exposing the presence of servlets
that the current user cannot access.
I'll move it under src/test to keep it around as a test and example, but remove
it from the compiled bundle.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
