Terulia Forums > Terulia Forum Service: Main > Forum Bug Reports

Password visible in URL
Aries	5:24 PM on July 29, 2009	(+0/-0)
Group: Members Posts: 235 Total: 708	If you try to go to a page that doesn't allow unregistered viewers, it takes you to the forum homepage. But if you log in from that page right away, your username and password appears in the URL. At least, I think that's how I did it. I've tried to replicate it, but it doesn't happen all the time. But it happened when I logged in when I tried to go to bug reports while logged out. I had used the link in the announcements thread. It's not a major security issue, but someone looking over your shoulder could get your password. I've tried to replicate it for the past five minutes or so but to no avail. Looking through my history, this is the URL that appeared http://www.terulia.com/?cmd=Login&terulia+user=Aries&terulia+pass=omitted _________________________________________ Censorshit is a bitch.

Grameramera	4:37 PM on August 05, 2009	(+0/-0)
Group: Best Pony Posts: 893 Total: 1255	This is something I'm not sure how to fix. If you know of a way, I'd be happy to incorporate it. _________________________________________ ScouSin: Damn you Gaku! Damn you and your; "Be patient, and if you don't want to, tough, because I'm going to be all mystical about it!" KingBlax: It's telling you to go outside, with no flash-light in the woods, and find a dead body, you eat dinner if you find 1. You die in the wilderness if you don't find 1 or at least bring something interesting back. ./personal_problem.sh -q > /dev/null 2>&1 &

Forum Home > Terulia Forum Service: Main > Forum Bug Reports > Password visible in URL

1 forum user ( 0 registered, 1 guest, 0 bots ) currently viewing this topic.

This page was generated in 0.3 seconds.
Terulia forums are hosted for free at www.terulia.com [ Terms of Service: Updated 4/28/2011 ].