Modify

Opened 14 years ago

Closed 14 years ago

#3580 closed defect (fixed)

[PATCH] Don't send username/password for GET request

Reported by: anonymous Owned by: bastiK
Priority: trivial Milestone:
Component: Core Version:
Keywords: Cc:

Description

Increase security by using the plaintext password/username only when really needed.

Attachments (1)

auth.patch (2.2 KB) - added by bastiK 14 years ago.
Don't send authorisation for "GET / capabilities" requests.

Download all attachments as: .zip

Change History (4)

comment:1 Changed 14 years ago by bastiK

Owner: changed from team to bastiK

Changed 14 years ago by bastiK

Attachment: auth.patch added

Don't send authorisation for "GET / capabilities" requests.

comment:2 Changed 14 years ago by bastiK

Summary: Don't send username/password for GET request[PATCH] Don't send username/password for GET request

comment:3 Changed 14 years ago by stoecker

Resolution: fixed
Status: newclosed

(In [2222]) fixed #3580 - patch by bastiK - no longer send username/password for capabilities GET request

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain bastiK.
as The resolution will be set.
The resolution will be deleted.

Add Comment

E-mail address and name can be saved in the Preferences.

AttachmentsDescription
 
Note: See TracTickets for help on using tickets.