[ https://jira.codehaus.org/browse/MNG-5265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=339929#comment-339929 ]
Jason van Zyl commented on MNG-5265: ------------------------------------ Olivier, do you consider this to be closed now? > enforce repository url verification for passing authz > ----------------------------------------------------- > > Key: MNG-5265 > URL: https://jira.codehaus.org/browse/MNG-5265 > Project: Maven 2 & 3 > Issue Type: Improvement > Components: Settings > Affects Versions: 2.0.10, 2.2.1, 3.0.2, 3.0.3, 3.0.4 > Reporter: Olivier Lamy > Fix For: 3.2 > > > Related discussion: http://markmail.org/message/7pswshucxc7qwtef > in your settings you have: > {code} > <server> > <username>olamy</username> > <password>reallycomplicatedpassword</password> > <id>foo.org</id> > </server> > {code} > During dependencies resolution, you get a pom with a repository. > {code} > <repository> > <id>foo.org</id> > <url>http://yourpasswordwillbehacked.org/</url> > </repository> > {code} > Idea id in settings must contains the target hostname. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira