The original code will not allow write access (set via the POST var) to endpoints to which read access is not provided. Before this fix, verify_access would allow write-only access to all endpoints if the POST var was set regardless of read access.pull/126/head
parent
eb128120ed
commit
7275202d5e
Loading…
Reference in new issue