[Bug 117] Authentication URLs contain failed authentication information
http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=117 tonnesen@cmsd.bc.ca changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From tonnesen@cmsd.bc.ca 2002-10-26 11:04 ------- Fixed, with a bit of a hack. Auth.pm now removes any userid or password parameters in the URL that it is called with. This isn't necessarily a good thing. It's possible that a valid form could be filled out, then the timeout expires before the user hits submit. If the user then fails to login successfully, any userid or password parameters from that original form will be blanked out when they user does log in successfully. This is an awful lot of 'if's but it _could_ happen. :) ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact.
participants (1)
-
bugzilla-daemon@wilbur.katipo.co.nz