SS-2014-007: Confidentiality breach can occur between draft and live modes
- Medium (?)
- Versions Affected:
- 3.1.3, 3.0.9, and all versions before
- Versions Fixed:
- 3.1.4, 3.0.10
- Release Date:
In cases were partial caching is used in templates, it's possible for content viewed in one versioned mode (such as stage) to be cached and presented later to other uses in live. This issue also extends to content that may be customised for individual users, such as login status. This may lead to incorrect data being presented within partially cached data, or may leak confidential or unpublished data that should not be viewable.
In order to resolve this a global caching key is applied to all partial caches by default. This is a string which is automatically added to the cache identifier for all partial caches. By default this is set to '$CurrentReadingMode, $CurrentUser.ID', but can be customised by setting the config value for 'SSViewer.global_key', and can contain any template syntax.
This fix will likely require some adjustment for website which either allow for user logins, as the default global cache key may not be appropriate in all situations.
For instance, if your partial caching already handles user login status where necessary, this key can be simplified to only segment by reading mode. In your config.yml you should change this key as below:
To upgrade download or update with composer