I wasn't concerned about leaking because the standard Zope security ensures no 
branches are returned that the principal cannot see.  The sole call-site of 
BranchLookup.getIdAndTrailingPath was 
BranchRewriter._getBranchIdAndTrailingPath, so when I removed 
BranchLookup.getIdAndTrailingPath, I ported its privacy tests 
(test_branch_id_alias_transitive_private and 
test_branch_id_alias_transitive_private) to 
BranchRewriter._getBranchIdAndTrailingPath.  The actual handling of 
Unauthorized exceptions is at 1134-1137.

I supposed cached data could leak if the cache was accessed using two different 
principals, but branch-rewrite always uses UnauthenticatedPrincipal AFAICT.
-- 
https://code.launchpad.net/~abentley/launchpad/all-url-support/+merge/113294
Your team Launchpad code reviewers is subscribed to branch lp:launchpad.

_______________________________________________
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp

Reply via email to