Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-194

Remove support for os_username, os_password and os_cookie

    XMLWordPrintable

Details

    • Task
    • Resolution: Unresolved
    • Medium
    • None
    • None
    • None
    • true

    Description

      Putting credentials in request parameters is likely to lead to those credentials being logged in access logs. Also, there are existing decent alternatives such as Basic Auth so there is absolutely no need to keep the old and insecure os_* parameters around.

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. JRACLOUD-65287 The the os_username parameter has been blocked but it is still used in the users onboarding notifications

          • High - High priority issues
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. SER-199 Make support for os_username and os_password as url parameters require opting in

          • Low - Low priority issues
          • RESOLVED

          Activity

            People

              Unassigned Unassigned
              dblack David Black
              Votes:
              3 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                9 years, 48 weeks, 3 days ago