- 🇫🇷France prudloff Lille
I agree we should try to avoid
_access: 'TRUE'
but this route does not return anything sensitive so I am not sure why and how we should protect it. - 🇮🇳India Sivaji_Ganesh_Jojodae Chennai
+1 for @prudloff.
If you
grep
there are several routes with_access: 'TRUE'
as appropriate.grep -rni \_access: core/modules/*/*.routing.yml | grep -i TRUE
There are several routes
core/modules/big_pipe/big_pipe.routing.yml:9: _access: 'TRUE' core/modules/filter/filter.routing.yml:7: _access: 'TRUE' core/modules/image/image.routing.yml:55: _access: 'TRUE' core/modules/system/system.routing.yml:7: _access: 'TRUE' core/modules/system/system.routing.yml:15: _access: 'TRUE' core/modules/system/system.routing.yml:23: _access: 'TRUE' core/modules/system/system.routing.yml:31: _access: 'TRUE' core/modules/system/system.routing.yml:342: _access: 'TRUE' core/modules/system/system.routing.yml:352: _access: 'TRUE' core/modules/system/system.routing.yml:360: _access: 'TRUE' core/modules/system/system.routing.yml:400: _access: 'TRUE' core/modules/system/system.routing.yml:407: _access: 'TRUE' core/modules/system/system.routing.yml:414: _access: 'TRUE' core/modules/system/system.routing.yml:421: _access: 'TRUE' core/modules/system/system.routing.yml:459: _access: 'TRUE' core/modules/system/system.routing.yml:479: _access: 'TRUE' core/modules/system/system.routing.yml:489: _access: 'TRUE' core/modules/system/system.routing.yml:519: _access: 'TRUE' core/modules/system/system.routing.yml:526: _access: 'TRUE' core/modules/user/user.routing.yml:138: _access: 'TRUE' core/modules/user/user.routing.yml:148: _access: 'TRUE' core/modules/user/user.routing.yml:192: _access: 'TRUE' core/modules/user/user.routing.yml:233: _access: 'TRUE' core/modules/views/views.routing.yml:6: _access: 'TRUE'
- Status changed to Closed: outdated
about 1 month ago 3:36pm 4 September 2025 - 🇺🇸United States smustgrave
Since there's been no follow up going to close this one out.
Now that this issue is closed, please review the contribution record.
As a contributor, attribute any organization helped you, or if you volunteered your own time.
Maintainers, please credit people who helped resolve this issue.