export: Don't leak writeable pad ID when exporting

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2025-05-03 05:39:12 -04:00 · 2021-06-29 19:13:10 +02:00 · 2021-06-29 19:13:10 +02:00 · dbd76f0c5d
commit dbd76f0c5d
parent 58bd96ce8f
4 changed files with 30 additions and 20 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,19 @@
 # Next Release

+### Security fixes
+
+* Fixed leak of the writable pad ID when exporting from the pad's read-only ID.
+  This only matters if you treat the writeable pad IDs as secret (e.g., you are
+  not using [ep_padlist2](https://www.npmjs.com/package/ep_padlist2)) and you
+  share the pad's read-only ID with untrusted users. Instead of treating
+  writeable pad IDs as secret, you are encouraged to take advantage of
+  Etherpad's authentication and authorization mechanisms (e.g., use
+  [ep_openid_connect](https://www.npmjs.com/package/ep_openid_connect) with
+  [ep_readonly_guest](https://www.npmjs.com/package/ep_readonly_guest), or write
+  your own
+  [authentication](https://etherpad.org/doc/v1.8.14/#index_authenticate) and
+  [authorization](https://etherpad.org/doc/v1.8.14/#index_authorize) plugins).
+
 ### Compatibility changes

 * For plugin authors: