cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unpublished & deleted blogs being returned in search query

henrique_pinto
Active Contributor

on ‎09-18-2012 11:44 PM

0 Kudos

Hi there,

I searched for this particular guy, Custodio de Oliverira, in the SCN native search.

I got the following output:

Then I clicked on the 3rd link above:

http://scn.sap.com/community/technology-innovation/blog/2015/06/12/restful-apis-from-scratch-lessons...

To my surprise, I got the Unauthorized message, saying "This blog post has not been published nor is it scheduled to be published".

And yet it was returned in the search!

It was even worse when I clicked on the 4th link above:

http://scn.sap.com/blogs/custodio/2015/06/12/restful-apis-from-scratch-lessons-learnt-so-far--the-de...

I got a "Not Found" error...

Apparently, the search queries are being run against some database including even the unpublished and the deleted blogs, which definitely should not be the case. This is a security breach, potentially leading to data leak and unintentional information sharing.

Could you please evaluate and let me know whether this was a one time thing or a recurring behavior, and when could we expect a solution?

Thanks a lot,

Henrique.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

cfgh
Advisor
Advisor
‎09-20-2012 12:06 AM
0 Kudos

Hi Henrique,

Thanks for noticing this and bringing it to our attention. This is definitely not expected behavior. I will alert the SAP Search team so it can be corrected.

Thanks,

Christine

Show replies
Show replies
Ask a Question
Top Q&A Solution Author
View all