cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Koushik Das <koushik....@citrix.com>
Subject RE: MS UI - addHost call is a GET and the password of the host goes as cleartext
Date Sat, 21 Jul 2012 06:06:25 GMT
Created CS-15652


-----Original Message-----
From: David Nalley [mailto:david@gnsa.us] 
Sent: Friday, July 20, 2012 10:53 PM
To: cloudstack-users@incubator.apache.org
Subject: Re: MS UI - addHost call is a GET and the password of the host goes as cleartext

On Fri, Jul 20, 2012 at 5:35 AM, Koushik Das <koushik.das@citrix.com> wrote:
> The request URL may get logged in Tomcat and that may lead to security issues. Any call
having such data should be a POST.
>
> Thanks,
> Koushik

Please file a bug for this.

--David

Mime
View raw message