Updates:
Status: WontFix
Comment #9 on issue 1633 by trowb...@gmail.com: Repository configuration
should not expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
After thinking about this for a while, I think the solution is use https
--
You received this
Comment #10 on issue 1633 by rtimush: Repository configuration should not
expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
Use https is not a solution for the original issue (the problem was that
passwords were visible when user clicks the view source button).
Updates:
Labels: Component-Admin
Comment #8 on issue 1633 by trowbrds: Repository configuration should not
expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
(No comment was entered for this change.)
--
You received this message because you are subscribed to
Updates:
Labels: -Milestone-Release1.5 Milestone-Release1.6
Comment #7 on issue 1633 by trowbrds: Repository configuration should not
expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
Looks like there's not a good, easy solution to this that works
Comment #6 on issue 1633 by rtimush: Repository configuration should not
expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
I agree, the solution is not perfect, though can be used as a workaround.
From the
other side, exposing passwords in plain text is not good
Updates:
Status: New
Labels: -Type-Defect Type-Enhancement Milestone-Release1.5
Comment #3 on issue 1633 by trowbrds: Repository configuration should not
expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
(No comment was entered for this change.)
--
Comment #2 on issue 1633 by degrande.samuel: Repository configuration
should not expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
I don't know if it's related, but for example, if you display the HTML
source of the
e-mail configuration page, you see the e-mail
Updates:
Status: NeedInfo
Comment #1 on issue 1633 by chipx86: Repository configuration should not
expose passwords
http://code.google.com/p/reviewboard/issues/detail?id=1633
I'm confused. Are you saying today that it's showing the raw password text,
or it's
showing *s? I'm seeing