+1 On Mon, Apr 9, 2018 at 11:01 PM, Rafael Weingärtner < rafaelweingart...@gmail.com> wrote:
> Hello fellow CloudStackers, > > Today I was working on CLOUDSTACK-5235, which is a security issue, and I > noticed a variable ‘md5Hashed’ in the javascript that does not seem to be > useful at all. This variable was used to control if we hash or not the > password of users in the user side (browser). However, we no longer hash > the password on the user side. All of the password processing is executed > in the server side according to the priority of hashing mechanism defined > by the administrator. > > I am addressing this cleanup with this PR > https://github.com/apache/cloudstack/pull/2555. > > If you have any objections regarding this variable and its relate code > removal, please do so. Otherwise, we will proceed to remove it. > > -- > Rafael Weingärtner >