Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-2825

REST API allows POST requests without body for basic users

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 2.3.15
    • 2.3.16, 2.4.0
    • REST-API
    • None

    Description

      The REST API allows modifying requests from basic users if the request does not define a body (e.g. POST /v1/maxscale/logs/flush). This behavior is fixed in 2.4 but was not documented.

      Attachments

        Activity

          People

            markus makela markus makela
            markus makela markus makela
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.