-
Bug
-
Resolution: Fixed
-
Major
-
None
-
2.0
-
None
-
Right now the editing/deletion of comment by non-author is only blocked on client-side JS, and can be bypassed by accessing the API functions in api.Comments directly. This must be blocked by a server-side check.
Block editing/deletion of comment by non-author on server-side.
-
Mario Felarca
-
Constantinos Sophocleous
- Votes:
-
0 Vote for this issue
- Watchers:
-
2 Start watching this issue
- Created:
- Updated:
- Resolved: