Joomla Extensions by Joomdonation

IT Security of Helpdesk and PDF attachments

  • Lorenzo
  • Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
3 years 5 days ago - 3 years 5 days ago #148353 by Lorenzo
IT Security of Helpdesk and PDF attachments was created by Lorenzo
Dear Tuan, I'm testing the Demo Helpdesk online and have a presale question.
I'm concerned of the privacy and security of the component, therefore I created a topic here  joomdonationdemo.com/helpdeskpro/index.p...?view=ticket&id=3362 and after logging out I no longer can reach the ticket. And that is very good because a user must login to read his own tickets.

What is not good is that the Ticket attachments are public and you do not need to login to access them, so robots could guess or find attachment of our customers. Here's my test link:  joomdonationdemo.com/helpdeskpro/index.p...ilename=test-pdf.pdf  
Is this right? Is there a way to force a login?

I also see that attached pictures are nicely opened in a popup but PDFs are downloaded. Is there a way to open them in the browser?

Kind regards
Last edit: 3 years 5 days ago by Lorenzo.

Please Log in or Create an account to join the conversation.

More
3 years 5 days ago #148357 by Tuan Pham Ngoc
Replied by Tuan Pham Ngoc on topic IT Security of Helpdesk and PDF attachments
Hello Lorenzo

Yes. You are right. The attachments should be protected better. I will work on it and improve it soon

Tuan

Please Log in or Create an account to join the conversation.

Moderators: Tuan Pham Ngoc

Support

Documentation

Information

Copyright © 2024 Joomla Extensions by Joomdonation. All Rights Reserved.
joomdonation.com is not affiliated with or endorsed by the Joomla! Project or Open Source Matters.
The Joomla! name and logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.

Connect Us