While testing the bookmarks code, I've discovered that when User A checks the bookmarks (verifying the links) of User B, ALL bookmarks are checked and their URLs displayed to User A, even those marked "private". (Bug #1913)
It won't be difficult to fix...but how to fix it? There are at least two ways I can think of off the top of my head:
- Disallow link checking by another other than the owner (or an admin).
- Allow link checking, but test for privacy flag, and only check and display public bookmarks.
I lean towards the first solution; bookmark checking is an "administrative"-type function that the owner should control, IMO. But I thought I'd toss it out, in case there are strong preferences, or precedent (I can't think of any).
...any thoughts?
