You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that there is an option for users to share their data in the Results tab for a job on the far right of the table, which gives them a direct download link. Isn't this a security risk? The link is accessible without being logged into their account. Can this be easily disabled? Was there some option for that in the .yaml application file for this that isn't documented? I tested if it was the "download" option, and while setting download to false certainly makes it unavailable, it makes it unavailable to the user that submitted the job as well.
Or is this unavailable until they click there to share it? In which case it might be prudent to place a second button to revoke access in case a user clicks it by mistake or without understanding the link is publicly accessible.
Version: 1.30.5 (built by travis on 2018-09-14T07:42:13Z)
The text was updated successfully, but these errors were encountered:
I noticed that there is an option for users to share their data in the Results tab for a job on the far right of the table, which gives them a direct download link. Isn't this a security risk? The link is accessible without being logged into their account. Can this be easily disabled? Was there some option for that in the .yaml application file for this that isn't documented? I tested if it was the "download" option, and while setting download to false certainly makes it unavailable, it makes it unavailable to the user that submitted the job as well.
Or is this unavailable until they click there to share it? In which case it might be prudent to place a second button to revoke access in case a user clicks it by mistake or without understanding the link is publicly accessible.
Version: 1.30.5 (built by travis on 2018-09-14T07:42:13Z)
The text was updated successfully, but these errors were encountered: