Comment 2 for bug 1449212

Tested, and I can confirm this bug.

A possible bugfix might be something like this:

- set an internal flag if tempurl middleware validates a request using a container key
- check this flag in the slo/dlo middleware, and if set ensure access is only granted to segments within the same container like the original request

Any other ideas? Does that make sense? I can attach a patch tomorrow if this makes sense to anyone.