ChiliProject is not maintained anymore. Please be advised that there will be no more updates.
We do not recommend that you setup new ChiliProject instances and we urge all existing users to migrate their data to a maintained system, e.g. Redmine. We will provide a migration script later. In the meantime, you can use the instructions by Christian Daehn.
Reduce version information from Help link (Bug #558)
| Status: | Closed | Start date: | 2011-08-05 |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | Holger Just |
% Done: | 0% |
| Category: | - | ||
| Target version: | 3.0.0 | ||
| Remote issue URL: | Affected version: |
Description
In #101, we introduced detailed version information about the current instance to the help link.
This information is visible to everyone – even for not authenticated users – and might help bad guys to gather environmental information for targeted attacks. To mitigate this issue while still allowing targeted help later, I propose to reduce the version information there to only the major version.
https://www.chiliproject.org/help/v#{Redmine::VERSION::MAJOR.to_s}
Thoughts?
Associated revisions
[#558] Reduce version info in help link
History
Updated by Holger Just at 2011-12-18 04:42 pm
Bumping this up. I'd really like to see that in 3.0.0.
Thoughts?
- Target version set to 3.0.0
Updated by Eric Davis at 2011-12-28 12:25 am
Seeing as there isn't very much documentation written for each minor version, that's fine. (If you recall we were planning to keep mirrors of the docs for each version which is why the link is exact.)
Updated by Holger Just at 2012-01-16 12:31 pm
Yeah, well it turned out we were a bit over-ambitious. And given that there are not many major changes in minor releases, it doesn't really require us to have that exact information.
Applied in dbbc0b4
- Assignee set to Holger Just
- Status changed from Open to Closed