page source shows all feature scopes examined [disclosure leak]
Bug #666765 reported by Robert Collins
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Launchpad itself | Fix Released | High | Martin Pool | 
Bug Description
page footers show all scopes:

```
' in scopes {'pageid:
'
```

however scopes may refer to confidential teams.
Related branches
- lp:~mbp/launchpad/666765-features-no-reasons
  - j.c.sackett (community): Approve
Diff: 193 lines (+86/-6), 6 files modified

- lib/canonical/launchpad/webapp/errorlog.py (+36/-3)
- lib/lp/app/browser/tests/base-layout.txt (+0/-1)
- lib/lp/app/templates/base-layout.pt (+0/-1)
- lib/lp/services/features/flags.py (+15/-0)
- lib/lp/services/features/tests/test_webapp.py (+29/-1)
- utilities/bsondump (+6/-0)
Changed in launchpad-foundations:

- status: New → Triaged
- importance: Undecided → Medium
- summary: scopes leak in pages → page source shows all feature scopes examined [disclosure leak]

Changed in launchpad:

- importance: Medium → High
- tags: added qa-ok; removed qa-needstesting

Changed in launchpad:

- status: Fix Committed → Fix Released
@lifeless iirc it only lists the scopes that were relevant to determining the active rules for this request. Therefore, once we add a team-based scope (bug 666538), you'll only see it mentioned if you are actually in the relevant team. Since you know about the teams you're in, this doesn't seem like a problem.

The risks seem to be:

* if you paste the page contents to somebody else - but then there are bigger risks
* if we add a scope that says "not_in_team:super_sekret" then that may be shown to many people

Absent a specific problem I think having it always present is good for debuggability. We could limit it to ~launchpad or similar, but then it may be hard to debug user-specific problems.