cubicweb #511718 explain why rql expr insertion doesn't work to ease security debugging [open]
Try to explain why such exception occurs File "src/fcw/cubicweb/server/querier.py", line 270, in _insert_security rewrite(myrqlst, lcheckdef, lchecksolutions, self.args) File "src/fcw/cubicweb/rqlrewrite.py", line 152, in rewrite self.insert_snippets(snippets) File "src/fcw/cubicweb/rqlrewrite.py", line 213, in insert_snippets raise Unauthorized() Unauthorized: You are not allowed to perform this operation if too expensive at execution time, find a way to check them in a separated tool or at startup. | |
| priority | normal |
|---|---|
| type | enhancement |
| done in | <not specified> |
| load | 1.000 |
| load left | 1.000 |
| closed by | <not specified> |
similar entities
- cubicweb #969169 [inline forms] do not show the 'remove' link if cardinality is '1x'
- cubicweb #1381390 Implement HTTP Strict Transport Security for https
- cubicweb #1698245 Convert __message to _cwmsgid to increase security
- cubicweb #2110238 cache results of schema manipulation methods
- cubicweb #959527 spurious deprecation warnings
[see all]