Does not check field access [#3006261]

First of all, thanks for this very nice module!

I'm using it together with some fields that are access controlled, and noticed that the chained field is rendered even if the user does not have access to it. This can result in the field label showing up. It does not leak field values and hence is not a security issue

Here is a quick patch that adds the access check.

Comment	File	Size	Author
	check-field-access.patch	824 bytes	aleksip

Comments

Comment #1

12 October 2018 at 14:29

aleksip created an issue. See original summary.

Comment #2

larowlan

🇦🇺🏝.au GMT+10

commented 12 October 2018 at 21:00

Status:

Active

» Needs review

Comment #3

12 October 2018 at 21:24

larowlan committed 8fcdfbf on 8.x-1.x authored by aleksip

Issue #3006261 by aleksip: Does not check field access

Comment #4

larowlan

🇦🇺🏝.au GMT+10

commented 12 October 2018 at 21:25

Issue summary:	View changes
Status:	Needs review	» Fixed

Thanks, rolling a stable release

Comment #5

26 October 2018 at 21:29

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Does not check field access

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

News items

Our community

Documentation

Drupal code base

Governance of community