• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Lack of interest Admin pages URL results in a login or 404

Marcel

Active member
#1
I apologise if this isn't in anyway a suitable suggestion, or I'm talking out of my inexperienced backside :D

Just doing some testing on an addon, and I mistakenly mistyped an admin URL and noticed something.

If I browse to

admin.php?banners/add

while not logged in, I get a login request

If I browse to

admin.php?banners/nonexistent

Then it gives me a specific 404.

WRT to security. Yes "banners" is quite generic, but if a security risk was found in a particular addon, this would be a way to confirm the existence of said addon in an installation wouldn't it?