Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.As a site map is thought to be used by search engines, xmlsitemap_node should check if the anonymous user has the permission to view the node whose link is being added to the site map.
It's enough to call node_access() passing 'view', the node object that must be checked, and the object representing the anonymous user account (obtained by user_load()).
Comments
Comment #1
avpadernoAn alternative is to execute the
hook_xmlsitemap_links()implementations only when the current user is the anonymous user.Comment #2
avpadernoComment #3
avpadernoThis has been implemented in CVS; the menu callback that outputs the site map, and which is the one to call the implementations of
hook_xmlsitemap_links(), is accessible only to anonymous users.This change should be ported to the Drupal 5 branch.
Comment #4
avpadernoI forgot to change the referring version.
Comment #5
avpadernoThe code has been changed in the same way it has been changed in the Drupal 6 branch.
Comment #6
avpadernoI am changing the issue tags.