Quick thought on that: Is the password send via $_POST on every request, or just once on login? If the latter is the case, then not every app has the chance to read the password. (or am I wrong here?)
What I'm trying to say is, that maybe we can't do it perfectly, but doing it a little better would still be nice. Cheers Daniel On 02/06/2013 12:26 AM, Robin Appelman wrote: > On Tuesday 05 February 2013 21:32:20 Antoine Diamant-Berger wrote: > Even if we change that hook, there is nothing stopping any app from just > reading the value from $_POST. _______________________________________________ Owncloud mailing list Owncloud@kde.org https://mail.kde.org/mailman/listinfo/owncloud