LotusGuild/tinker_tickets
3
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e7d01ef57659776b31a5d3fb7245ddb0f93b124d
tinker_tickets/controllers
History
Jared Vititoe e7d01ef576 Return 404 (not 403) for inaccessible tickets in TicketController 
Returning 403 Forbidden leaks the existence of tickets to users who
should not know about them. Use 404 Not Found consistently across all
access-controlled endpoints to prevent enumeration.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-20 21:47:28 -04:00
..
CommentController.php
Re-did everything, Now is modulaar and better bro.
2025-05-16 20:02:49 -04:00
DashboardController.php
Apply visibility filtering to dashboard statistics
2026-03-20 21:44:01 -04:00
TicketController.php
Return 404 (not 403) for inaccessible tickets in TicketController
2026-03-20 21:47:28 -04:00