Details
-
Sub-task
-
Resolution: Unresolved
-
None
-
None
-
Medium
-
Empty show more show less
Description
The value behind the field "instance" transported between clients, installations and the WebSocket server is used to identify the instance via a unique, auto created hash without semantic.
Better could be a configurable instance key, similar to OpenTM2 prefix, to identify / distinguish translate5 instances.
Main problem here: if the value is not changed on copying the instance this enabled security risks.
If the calculation / definition of the instance ID is changed, this should replace the serverId in library/ZfExtended/Worker/TriggerByHttp.php then too, since there is just the same problem.