systopia / CiviProxy

A security proxy for CiviCRM
GNU Affero General Public License v3.0

Entity and Action name in the API whitelist are case sensitive #33

Closed jaapjansma closed 7 months ago

jaapjansma commented 4 years ago

The entity and action specifications in the API whitelist are case sensitive. This means that when Contact.get is whitelisted but I present it to CiviProxy as contact.Get (note the case switch), it is not allowed.

Is this desired behaviour? Or should the whitelist be case insensitive?

bjendres commented 4 years ago

@jaapjansma: You're right, they shouldn't be case sensitive. Or can you think of a way of exploiting this?

jaapjansma commented 4 years ago

I don't see any risk of the action and entity being case insensitive.

bjendres commented 4 years ago

Then let's change it.

jaapjansma commented 4 years ago

I am working on it. Might have a fix later on this afternoon.
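
An added example, not part of the thread and not CiviProxy's code: one way to make an entity/action whitelist lookup case insensitive while still denying by default. All function names and the sample requests are hypothetical, and the sketch assumes API names are plain ASCII identifiers.

```php
<?php
// Added illustration, not CiviProxy code. All names here are hypothetical.

const UPPER = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
const LOWER = 'abcdefghijklmnopqrstuvwxyz';

// Fold one API name to lower case, or return null if it is not a plain
// ASCII identifier. strtr() with a fixed table does not depend on the locale.
function fold_name($name): ?string {
    if (!is_string($name) || !preg_match('/\A[A-Za-z][A-Za-z0-9_]*\z/', $name)) {
        return null;
    }
    return strtr($name, UPPER, LOWER);
}

// Index the whitelist by folded "entity.action", keeping the configured spelling.
function build_index(array $whitelist): array {
    $index = [];
    foreach ($whitelist as [$entity, $action]) {
        $e = fold_name($entity);
        $a = fold_name($action);
        if ($e === null || $a === null) {
            throw new InvalidArgumentException('invalid whitelist entry');
        }
        $index["$e.$a"] = [$entity, $action];
    }
    return $index;
}

// Return the configured [entity, action] pair for a request, or null (deny).
function match_call(array $index, $entity, $action): ?array {
    $e = fold_name($entity);
    $a = fold_name($action);
    if ($e === null || $a === null) {
        return null;
    }
    return $index["$e.$a"] ?? null;
}

// Constructed sample data: one whitelisted call, four incoming requests.
$index = build_index([['Contact', 'get']]);
$requests = [['contact', 'Get'], ['CONTACT', 'GET'], ['Contact', 'delete'], ['Contact ', 'get']];
foreach ($requests as [$entity, $action]) {
    $hit = match_call($index, $entity, $action);
    printf("%-22s %s\n", json_encode([$entity, $action]), $hit ? 'allow as ' . implode('.', $hit) : 'deny');
}
```

Returning the configured spelling rather than the caller's lets a proxy forward exactly the name that was whitelisted, so the check and the forwarded request cannot disagree on case.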