-
- Downloads
origin_save: Reject save request when origin URL contains a password
For obvious security reasons, do not accept a Save Code Now request for an origin URL containing a password in it as the list of submitted requests are publicly browsable from the Web UI. Nevertheless accept origin URLs with anonymous credentials (CVS ones for instance). Related to T4240
parent
f65bb5bc
No related branches found
Tags v0.0.390
Showing
- assets/src/bundles/save/index.js 7 additions, 2 deletionsassets/src/bundles/save/index.js
- cypress/integration/origin-save.spec.js 69 additions, 0 deletionscypress/integration/origin-save.spec.js
- swh/web/common/origin_save.py 9 additions, 1 deletionswh/web/common/origin_save.py
- swh/web/tests/api/views/test_origin_save.py 52 additions, 0 deletionsswh/web/tests/api/views/test_origin_save.py
Loading
-
Some references in the commit message have been migrated:
- T4240 is now #4240 (closed)
-
mentioned in merge request !823 (closed)
Please register or sign in to comment