As-is, the SearchApiController blindly accepts an AccessContext from the inbound request. This is an obvious security concern, which needs patching up.
The controller should resolve the current Management API user on its own and create an access context from that.