I think it's not a security issues because of the used ACL?
"swift post -r '.r:*,.rlistings' c1" enables reading and listing of the container, so revealing the existence of the container looks fine to me. However, the 404 looks wrong to me in this case - the container listing should be returned (as text/plain, json, or xml).
I think it's not a security issues because of the used ACL?
"swift post -r '.r:*,.rlistings' c1" enables reading and listing of the container, so revealing the existence of the container looks fine to me. However, the 404 looks wrong to me in this case - the container listing should be returned (as text/plain, json, or xml).