MCRStaticXMLFileServlet does not check read permissions

Description

If a static web page is requested and the site has read restrictions for the current user it must response with HttpServletResponse.SC_FORBIDDEN.

Environment

None

Assignee

Thomas Scheffler

Reporter

Thomas Scheffler

Labels

None

URL

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

Medium
Configure