[PATCH] hide passwords in httprepo error messages

Steve Borho steve at borho.org
Mon Apr 13 10:24:27 CDT 2009


On Mon, Apr 13, 2009 at 7:45 AM, Patrick Mézard <pmezard at gmail.com> wrote:
> Steve Borho wrote:
>> On Sun, Apr 12, 2009 at 9:06 AM, Patrick Mézard <pmezard at gmail.com> wrote:
>>> Steve Borho wrote:
>>>> # HG changeset patch
>>>> # User Steve Borho <steve at borho.org>
>>>> # Date 1239492861 18000
>>>> # Node ID a9bc0242f1e3c607f06f78b94542917b39116404
>>>> # Parent  db3a68fd9387d10308148bbf1a18c89bf50ce96d
>>>> hide passwords in httprepo error messages
>>> Nice catch.
>>
>> I had just added password hiding to the tortoisehg synch dialog, and
>> was quite surprised to see my password showing up in an error message.
>>
>>> Shouldn't we extend this to status()/debug() messages too?
>>> Looking at the code, I would hide passwords in the "cu" and "resp_url" variables too, and patch against -stable.
>>
>> resp_url does not include a username or password, it's a raw http url.
>
> I don't really get your argument. resp_url is displayed only when different from url, which happens on redirections. Preserving basic auth credentials in redirected URL sounds like a bug, but hiding it is the safe way. I pushed your fix without it but I am less sure now.

I mean that resp_url never has user credentials in it, near as I can tell.

>> Not sure about cu.  It is a debug message, perhaps the user wants to
>> see his password in this case?
>
> I prefer to hide authentication stuff by default. If people really want to check the credentials they supply, they can always put it in the URL directly I suppose.
>
> Pushed in crew-stable: http://hg.intevation.org/mercurial/crew-stable/rev/976170068286

Thanks.

--
Steve Borho
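The masking discussed in this thread, as an added example that is not Mercurial's own httprepo code: strip the password from the userinfo part of a repository URL before it is echoed in an error or debug message, and apply it to both the requested URL and the redirect target (the `url`/`resp_url` pair above). Function names and the sample URLs are constructed for the example.

```python
from urllib.parse import urlsplit, urlunsplit


def hidepassword(url: str) -> str:
    """Return url with any password in the userinfo replaced by '***'.

    Only the netloc is rewritten; scheme, path, query and fragment are
    kept so the message stays useful for debugging. URLs without a
    password are returned unchanged.
    """
    parts = urlsplit(url)
    # rpartition: a password may itself contain '@', the host never does
    userinfo, sep, hostport = parts.netloc.rpartition("@")
    if not sep:
        return url  # no userinfo at all
    user, colon, _password = userinfo.partition(":")
    if not colon:
        return url  # username only, nothing secret to hide
    return urlunsplit(parts._replace(netloc=f"{user}:***@{hostport}"))


def describe_redirect(url: str, resp_url: str) -> str:
    """Build the URL part of an error message the way the thread describes:
    mention the response URL only when it differs from the requested one,
    with credentials hidden in both, so a redirected URL that preserved
    basic-auth credentials cannot leak them either."""
    if resp_url == url:
        return hidepassword(url)
    return f"{hidepassword(url)} (redirected to {hidepassword(resp_url)})"


if __name__ == "__main__":
    # constructed sample: a clone URL carrying credentials, plus a redirect
    cu = "https://alice:s3cret@example.org/repo?style=raw#top"
    print("using", hidepassword(cu))  # debug-style message, password masked
    print("error talking to", describe_redirect(cu, "https://example.org/repo/"))
```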
