You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@netbeans.apache.org by "Jan Pirek (Jira)" <ji...@apache.org> on 2019/10/18 07:58:00 UTC

[jira] [Resolved] (NETBEANS-3242) Security flaw in pluginportal's google sign on

     [ https://issues.apache.org/jira/browse/NETBEANS-3242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Pirek resolved NETBEANS-3242.
---------------------------------
    Resolution: Fixed

fixed and deployed

> Security flaw in pluginportal's google sign on
> ----------------------------------------------
>
>                 Key: NETBEANS-3242
>                 URL: https://issues.apache.org/jira/browse/NETBEANS-3242
>             Project: NetBeans
>          Issue Type: Bug
>          Components: updatecenters - Pluginportal
>            Reporter: Jan Pirek
>            Assignee: Jan Pirek
>            Priority: Major
>
> Login process should work with google auth token  and backend controller should verify and extract user from token insteas of passed value from client js part of the login which can be altered.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@netbeans.apache.org
For additional commands, e-mail: commits-help@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists