cubicweb #511718 explain why rql expr insertion doesn't work to ease security debugging [open]
Try to explain why such exception occurs File "src/fcw/cubicweb/server/querier.py", line 270, in _insert_security rewrite(myrqlst, lcheckdef, lchecksolutions, self.args) File "src/fcw/cubicweb/rqlrewrite.py", line 152, in rewrite self.insert_snippets(snippets) File "src/fcw/cubicweb/rqlrewrite.py", line 213, in insert_snippets raise Unauthorized() Unauthorized: You are not allowed to perform this operation if too expensive at execution time, find a way to check them in a separated tool or at startup. | |
priority | normal |
---|---|
type | enhancement |
done in | <not specified> |
load | 1.000 |
load left | 1.000 |
closed by | <not specified> |
similar entities
- cubicweb #1698245 Convert __message to _cwmsgid to increase security
- cubicweb #676902 spécifier comportement cardinalité sur relation multiple
- TheCubicWebBook #656194 CW Administration: how to give dynamic permissions
- cubicweb #809460 checking of schema.py for name conventions in attributes
- cubicweb #1381390 Implement HTTP Strict Transport Security for https
[see all]