You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@flagon.apache.org by "Rob Foley (JIRA)" <ji...@apache.org> on 2019/06/10 16:59:00 UTC
[jira] [Commented] (FLAGON-296) UserALE should be able to detect if
there is Restricted Content
[ https://issues.apache.org/jira/browse/FLAGON-296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16860153#comment-16860153 ]
Rob Foley commented on FLAGON-296:
----------------------------------
This may be difficult/not plausible. A server might just return a 403 (not authorized), a 404 (pretend it doesn't exist), or ask for authorization. I don't know if we can detect the third. Moreover, it would likely be impossible to detect content that the user _is_ authorized to access, as we have no idea if the server checked some cookie (like a login/session token), unless we just assume that everything they see is something they can access.
> UserALE should be able to detect if there is Restricted Content
> ---------------------------------------------------------------
>
> Key: FLAGON-296
> URL: https://issues.apache.org/jira/browse/FLAGON-296
> Project: Flagon
> Issue Type: New Feature
> Components: UserALE.js
> Reporter: Joshua Poore
> Priority: Major
> Fix For: UserALE.js 2.4.0
>
>
> For both security purposes and forensic purposes it would be useful to note if there is restricted content on the page.
>
> Restricted Content = Anything behind a password
>
> Helps with filtering, prevention of content extraction, and logging
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)