HomeSoftware Heritage
Diffusion Web applications f2d6fec278db

origin_save: Reject save request when origin URL contains a password
f2d6fec278db
Actions

This commit no longer exists in the repository. It may have been part of a branch which was deleted.

Description

origin_save: Reject save request when origin URL contains a password

For obvious security reasons, do not accept a Save Code Now request
for an origin URL containing a password in it as the list of submitted
requests are publicly browsable from the Web UI.

Nevertheless accept origin URLs with anonymous credentials (CVS ones
for instance).

Related to T4240

Details

Provenance
anlambertAuthored on May 17 2022, 5:29 PM
anlambertPushed on May 18 2022, 11:12 AM
Differential Revision
D7843: origin_save: Reject save request when origin URL contains a password
Tasks
T4240: Do not accept save requests with credentials leaked in the origin URL
Build Status
Buildable 29443
Build 46017: test-and-buildJenkins console · Jenkins

Commit No Longer Exists

This commit no longer exists in the repository.
About · Developer information · Legal