Encrypt Query Params in Page Links #1995
Assignees
Labels
Milestone
Comments
alexanderkiel
added a commit
that referenced
this issue
Aug 29, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 4, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 4, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 5, 2024
alexanderkiel
added a commit
that referenced
this issue
Sep 6, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the page links contain the database point in time
tof the database state on which the FHIR search query was executed, the query params of the FHIR search and the id of the resource on top of the page. All this information can be manipulated by the client.Especially, by changing the
tthe client can access past database states that still contain possibly deleted resources. After we implement #1382, the deleted historic versions of a resource will be no longer accessible in the database state after the delete, but will be still accessible in former database states. That's why it's important that a client can't simply edit thetin page links.See also: Paging Documentation
The text was updated successfully, but these errors were encountered: