-
Type:
Improvement
-
Resolution: Fixed
-
Priority:
Major - P3
-
Affects Version/s: None
-
Component/s: Internal Code
-
Fully Compatible
-
v4.0, v3.6
-
Platforms 2018-05-07, Platforms 2018-05-21, Platforms 2018-06-04
-
45
Most Commands have a requiresAuth()==true condition (the default).
For those commands, we shouldn't parse() their request unless the client is authenticated.
These requests are going to be rejected anyway, so there's no user-visible change, but we could be making the rejection decision more securely and efficiently.
- causes
-
SERVER-35382 _isSelf command needs to be marked requiresAuth false
-
- Closed
-
-
SERVER-35463 Mark listCommands as pre-auth
-
- Closed
-
- is related to
-
-
- Closed
-
- related to
-
-
- Closed
-
-
-
- Closed
-