-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hanno Schlichting wrote:
Removed _filterPasswordFields hack, preventing keys with the exact
key 'passw' to be filtered out in one place is just obscurity.
But you didn't de-obfuscate it, you ripped it out. Now, the response
view shows credentials, which is a security hole.
Tres.
- --
===
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software Excellence by Designhttp://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFKCYGj+gerLs4ltQ4RAgEXAJ9UwTRuxLOIi9dKtPniWCUWF6VCXQCg0SAT
/3oboceYU9iI/mnq7K8ErOQ=
=Hm3K
-END PGP SIGNATURE-
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev