incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From john...@apache.org
Subject [08/10] git commit: [#6701] Don't send usernames and passwords in the URI (ends up in logs)
Date Thu, 20 Mar 2014 18:46:56 GMT
[#6701] Don't send usernames and passwords in the URI (ends up in logs)

Signed-off-by: Cory Johns <cjohns@slashdotmedia.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/496090ad
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/496090ad
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/496090ad

Branch: refs/heads/master
Commit: 496090ad39002e3956decd6a2c6c02b295841669
Parents: bb8a81b
Author: Cory Johns <cjohns@slashdotmedia.com>
Authored: Wed Mar 19 20:01:51 2014 +0000
Committer: Cory Johns <cjohns@slashdotmedia.com>
Committed: Thu Mar 20 18:43:46 2014 +0000

----------------------------------------------------------------------
 scripts/ApacheAccessHandler.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/496090ad/scripts/ApacheAccessHandler.py
----------------------------------------------------------------------
diff --git a/scripts/ApacheAccessHandler.py b/scripts/ApacheAccessHandler.py
index 390dca3..6575a6f 100644
--- a/scripts/ApacheAccessHandler.py
+++ b/scripts/ApacheAccessHandler.py
@@ -92,7 +92,7 @@ def check_repo_path(req):
 
 def check_authentication(req):
     auth_url = req.get_options().get('ALLURA_AUTH_URL', 'https://127.0.0.1/auth/do_login')
-    r = requests.post(auth_url, allow_redirects=False, params={
+    r = requests.post(auth_url, allow_redirects=False, data={
         'username': req.user,
         'password': req.get_basic_auth_pw(),
         'return_to': '/login_successful'})


Mime
View raw message