manifoldcf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Wright (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CONNECTORS-1382) Slack notification connector should use obscure and mapPasswordToKey for webhook url
Date Thu, 23 Feb 2017 12:05:44 GMT

    [ https://issues.apache.org/jira/browse/CONNECTORS-1382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15880319#comment-15880319
] 

Karl Wright commented on CONNECTORS-1382:
-----------------------------------------

Hi Markus, are you aware of the infrastructure support MCF provides for UIs so that sensitive
information never gets sent to the browser at all?

Have a look at how the other connectors that manage passwords do it.  They substitute an ID
for the sensitive information, and that way you don't need to post that sensitive information
around (except once, when it's initially set).



> Slack notification connector should use obscure and mapPasswordToKey for webhook url
> ------------------------------------------------------------------------------------
>
>                 Key: CONNECTORS-1382
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1382
>             Project: ManifoldCF
>          Issue Type: Improvement
>            Reporter: Markus Schuch
>            Assignee: Markus Schuch
>
> The webhook URL should not be visible in plain text (is sensitive information).



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message