[
https://issues.apache.org/jira/browse/USERGRID-572?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14507631#comment-14507631
]
ASF GitHub Bot commented on USERGRID-572:
-----------------------------------------
GitHub user senthilkumar-kj opened a pull request:
https://github.com/apache/incubator-usergrid/pull/237
[USERGRID-572] - ignore sensitive params from QP in response params
Added a set of params to be ignored in response. Following params will be
ignored.
client_id, client_secret, password, username, access_token,
client_credentials, fb_access_token,
fq_access_token, ping_access_token, token
Please let me know if this is okay, I'll make the change on master as well
and send another PR.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/senthilkumar-kj/incubator-usergrid
usergrid_572
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-usergrid/pull/237.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #237
----
commit 072e2d4f9dd15c1f859ee110b3997f6e8d79c256
Author: Senthil Kumar K <[email protected]>
Date: 2015-04-22T18:38:38Z
[USERGRID-572] - ignore sensitive params from QP in response params
----
> Setting or qparameter for not returning the qparams in the response
> -------------------------------------------------------------------
>
> Key: USERGRID-572
> URL: https://issues.apache.org/jira/browse/USERGRID-572
> Project: Usergrid
> Issue Type: Story
> Reporter: Jeffrey
> Assignee: Senthil Kumar K
> Priority: Critical
>
> Please add a setting that can prevent the qparams from being returned in a
> response, and/or add a filter for accessToken and ClientID/ClientSecret to
> not be returned in a response.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
