Hi Thad, How about the script error itself? Have you managed to find out how to eliminate it? Regards, Kali
________________________________ From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Thad Esser Sent: Saturday, 24 September 2011 4:59 AM To: [email protected] Subject: Passwords in URLs ** Hi, I'm pretty sure there's no resolution to this, but I wanted to ask the list anyway. A user (using the user tool) recently noticed that his password is displayed in clear text on an error message (see the red box on the attached screenshot). He happened to be building a PDT for SRM at the time, but I've seen similar errors on other data visualization fields. We don't see enough of these errors for me to have ever fully chased it down, although now that its been brought up to the security team, it is probably going to become a priority. They say it will show up as clear text in the web logs as well. Does anyone have any suggestions on how to eliminate the issue, or explain it away? ARS 7.1 on AIX with Oracle 10g remote Midtier 7.5 p6 ITSM 7.0.3 p9 SRM 2.2 p4 Thanks, Thad _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ NOTICE The information contained in this email is confidential. If you are not the intended recipient, you must not disclose or use the information in this email in any way. If you received it in error, please tell us immediately by return email and delete the document. We do not guarantee the integrity of any e-mails or attached files and are not responsible for any changes made to them by any other person. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
