Skip to content
This repository has been archived by the owner on Aug 28, 2023. It is now read-only.

Filter out "secret" parameters requested by the manifest #33

Open
agrare opened this issue Jul 31, 2019 · 1 comment
Open

Filter out "secret" parameters requested by the manifest #33

agrare opened this issue Jul 31, 2019 · 1 comment
Assignees
@agrare
Labels
stale

Comments

@agrare
Copy link
Member

agrare commented Jul 31, 2019

In case a malicious user is able to post a crafted manifest to request e.g. usernames and passwords we should filter out any parameters that are deemed "secret" e.g. ones which are filtered out by the logger or the API already.
@agrare agrare self-assigned this Aug 5, 2019
@miq-bot
Copy link

miq-bot commented Feb 10, 2020

This issue has been automatically marked as stale because it has not been updated for at least 6 months.

If you can still reproduce this issue on the current release or on master, please reply with all of the information you have about it in order to keep the issue open.

Thank you for all your contributions!

@miq-bot miq-bot added the stale label Feb 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@agrare agrare

Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@miq-bot @agrare