    3f4bd440
    [FIX] website_slides: do not allow fullscreen to bypass ACLs · 3f4bd440
    Thibault Delavallée authored
    Currently fullscreen takes all information from categorized slides to
    display its menu. In order to avoid calls to the server, some information
    is prepared in the DOM to speed up loading. It means slide information is
    available even when not being a member of a course, which leads to some
    content leak.
    
    This commit fixes that by correctly checking that a slide can be accessed
    before allowing access to its information and embedded code. Access
    to a slide is either as a member of a course or as a course publisher.
    
    Task 2058595 (eLearning v13 testing)
    Task 2064112 (fullscreen bug report)