[
https://issues.apache.org/jira/browse/OFBIZ-1151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12542952
]
Michael Jensen commented on OFBIZ-1151:
---
One option is to use the same field for the hash, but adding a colon
on of how decisions are made w/ofbiz.
Mike
Jacopo Cappellato wrote:
> Michael Jensen wrote:
>> ...
>> I'm curious to see how things pan out on this. It will tell me how
>> seriously security is taken by the people driving ofbiz.
>>
>
> Wow... this is a
[
https://issues.apache.org/jira/browse/OFBIZ-1151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12542844
]
Michael Jensen commented on OFBIZ-1151:
---
Is anyone working on this already?
I'd like to help out wi
Using that logic, you could say that almost any previous bugs were
really "as-implemented" features and no changes should ever be made to
the current release branch.
If it was found somewhere in ofbiz that sensitive information was
submitted over http instead of https, would that be considered a bu
I agree with Tim. It's a security related bug fix. Displaying
passwords in plaintext on a screen is a bug. It is industry standard
practice to not show passwords on the screen (either by replacing
w/asterisks or not displaying characters at all.)
Mike
Adrian Crum wrote:
> Tim,
>
> From my
Sorry for the cross post, but I thought this would be relevant to both
lists...
Amazon now has a payment system in limited beta. It looks like it's
similar to PayPal, but geared more to developers (yay!)
Their pricing seems to be competitive with Paypal's, but their "in
network" transfer fees blo
Out of curiosity, would this new strategy also take into account
Daylight Savings time? Being an inexperienced java programmer, I'm not
sure if this is built into java.util.TimeZone already or if it would
have to be built into ofbiz.
Mike
Adrian Crum wrote:
> I'm starting a new thread for us to
I like the information that the struts project has on their release plan
page. Maybe something similar?
http://struts.apache.org/2.x/docs/release-plan-201.html
Mike
BJ Freeman wrote:
> David,
> what needs to be said on the release Plan, for it to be implemented?
>
> BJ Freeman sent the followin