Reviewed: https://reviews.mahara.org/6335 Committed: https://git.mahara.org/mahara/mahara/commit/15d479f51c3562faa4b08118da6f592bea7a6774 Submitter: Robert Lyon ([email protected]) Branch: master
commit 15d479f51c3562faa4b08118da6f592bea7a6774 Author: Aaron Wells <[email protected]> Date: Thu Apr 14 19:07:46 2016 +1200 Bug 1567186: More thorough checking for passwords in stacktraces Rather than having an increasing list of specific parameters that we know to have passwords, this patch censors the content of any parameter with a name that contains the string "password" or "pw". behatnotneeded: Can't test with Behat Change-Id: Ifaa2ec10cf749c173b1a8d0928c6cc052124a83f -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1567186 Title: Passwords can accidentially end up in logs from badly made plugins Status in Mahara: Fix Committed Status in Mahara 1.10 series: In Progress Status in Mahara 15.04 series: In Progress Status in Mahara 15.10 series: In Progress Status in Mahara 16.04 series: Fix Committed Status in Mahara 16.10 series: Fix Committed Bug description: We have some code that suppresses the passwords in logs for LiveUser and for AuthLdap But we need to extend it out to be more encompassing To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1567186/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
