diff options
author | Victor Shyba <victor1984@riseup.net> | 2017-08-30 23:54:55 -0300 |
---|---|---|
committer | drebs <drebs@riseup.net> | 2017-09-05 11:08:48 -0300 |
commit | 7dcdfdfa66605e4cb2249746f2c157e768f3afe8 (patch) | |
tree | 6679e649e15db18e43f72e9ef5271856fecc54a0 /src/leap/soledad/server/sync.py | |
parent | 75b5f4131b912325f2e7ee9d7e75b51d12a5270d (diff) |
[bug] avoid cross uuid checks on incoming
Incoming API is supposed to be able to, given a valid service token,
write a incoming document into any user database. Leaving the parameter
as 'uuid' triggers defensive code against unauthorized accesses between
users. This commit renames the parameter so this isn't checked.
-- Related: #8867
Diffstat (limited to 'src/leap/soledad/server/sync.py')
0 files changed, 0 insertions, 0 deletions