Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Comment #10 on issue 1633 by rtimush: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 "Use https" is not a solution for the original issue (the problem was that passwords were visible when user clicks the "view source" button).

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Updates: Status: WontFix Comment #9 on issue 1633 by trowb...@gmail.com: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 After thinking about this for a while, I think the solution is "use https" -- You received this mes

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Updates: Labels: Component-Admin Comment #8 on issue 1633 by trowbrds: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 (No comment was entered for this change.) -- You received this message because you are subscribed to

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Updates: Labels: -Milestone-Release1.5 Milestone-Release1.6 Comment #7 on issue 1633 by trowbrds: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 Looks like there's not a good, easy solution to this that works everywhere.

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Comment #6 on issue 1633 by rtimush: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 I agree, the solution is not perfect, though can be used as a workaround. From the other side, exposing passwords in plain text is not good in

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Comment #5 on issue 1633 by chipx86: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 The problem with this is that if you want to actually set the password to an empty string, you won't be able to. That, or we'd require that th

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Comment #4 on issue 1633 by rtimush: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 Sorry for the delay. It shows * but if one look at the html source the passwords are there in clear text (as degrande.samuel already mentione

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Updates: Status: New Labels: -Type-Defect Type-Enhancement Milestone-Release1.5 Comment #3 on issue 1633 by trowbrds: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 (No comment was entered for this change.) -- Y

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Comment #2 on issue 1633 by degrande.samuel: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 I don't know if it's related, but for example, if you display the HTML source of the e-mail configuration page, you see the e-mail pa

Re: Issue 1633 in reviewboard: Repository configuration should not expose passwords

Updates: Status: NeedInfo Comment #1 on issue 1633 by chipx86: Repository configuration should not expose passwords http://code.google.com/p/reviewboard/issues/detail?id=1633 I'm confused. Are you saying today that it's showing the raw password text, or it's showing "*"s? I'm seeing