Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-33941

Blank page is shown to students when they view a hidden section page

    XMLWordPrintable

Details

    • Bug
    • Resolution: Cannot Reproduce
    • Minor
    • None
    • 2.3
    • Course
    • MOODLE_23_STABLE

    Description

      Replication steps:-

      1. goto a course settings and select "hide sections completely that are invisible" for "Hidden sections" setting.
      2. Hide a section
      3. As a student try to access this section page (course/view.php?id=37&section=12).

      Since a blank page is shown instead of error, student can know that the section exists but is not visible.
      IMO this is a minor security risk, as it gives away the information if the section exists or not.

      Attachments

        Issue Links

          Discovered while testing

          Release Test - A set of tests for a single release MDLQA-3913 Moodle 2.3 QA Cycle 2 Test Session 4

          • Blocker - Blocks development and/or testing, prevents Moodle from running (applicable to bugs only)
          • Open

          Activity

            People

              Unassigned Unassigned
              ankit_frenz Ankit Agarwal
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: