Links to Wiki pages of unauthorized projects should be smarter
I use to define a 'Sidebar' wiki page that contains links to wiki pages in various subprojects. This allows users to quickly jump to specific topics.
However, when migrating from Redmine 3.3.1 to 3.4.2, links to unauthorized subprojects got broken. (See here http://www.mimworld.org). Once an user has logged in and has the necessary access rights to visit the specific wiki pages, the links are displayed correctly.
Has this change been made intentional (to overcome some security problem) or is it a real bug? If this behaviour is intended, I have to rethink the entire structure of my project(s). A quick fix is much appreciated.
#1 Updated by Michael Gerz over 4 years ago
Ouch... this issue seems to be related to r16283 and #23793 which fixes an information leak.
I wonder what this leak actually is since the user will see the link (in wiki format) anyway.
If - for whatever reason - the link is not allowed to become an HTML link then I suggest making the textual representation a bit more user-friendly. A phrase like
is something that I would not like to see in a rendered Wiki page.
#7 Updated by Shinji Tamura almost 4 years ago
I make the plugin that disable r16283 and include wiki-links-patch.diff.
Please see https://github.com/crosspoints/redmine_legacy_link