Comment 5 for bug 1226078

It is true that this issue was fixed in v2.1 but it still exists in previous versions of the API. I agree on the fact that this behavior has been well understood for some time but I'm not sure people is aware of this vulnerability, though.

I agree with Thierry's idea of documenting the vulnerability somewhere without changing the way Glance works. I also prefer to keep Glance the way it is today, if we all agree that documenting this is enough to close this bug.

Thank you all!