You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@usergrid.apache.org by senthilkumar-kj <gi...@git.apache.org> on 2015/04/22 20:40:49 UTC
[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...
GitHub user senthilkumar-kj opened a pull request:
https://github.com/apache/incubator-usergrid/pull/237
[USERGRID-572] - ignore sensitive params from QP in response params
Added a set of params to be ignored in response. Following params will be ignored.
client_id, client_secret, password, username, access_token, client_credentials, fb_access_token,
fq_access_token, ping_access_token, token
Please let me know if this is okay, I'll make the change on master as well and send another PR.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/senthilkumar-kj/incubator-usergrid usergrid_572
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-usergrid/pull/237.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #237
----
commit 072e2d4f9dd15c1f859ee110b3997f6e8d79c256
Author: Senthil Kumar K <se...@gmail.com>
Date: 2015-04-22T18:38:38Z
[USERGRID-572] - ignore sensitive params from QP in response params
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...
Posted by tnine <gi...@git.apache.org>.
Github user tnine commented on the pull request:
https://github.com/apache/incubator-usergrid/pull/237#issuecomment-96728756
This change looks good. Have we tested the /management/token endpoint still works, and this doesn't filter the response of the token?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...
Posted by GERey <gi...@git.apache.org>.
Github user GERey commented on the pull request:
https://github.com/apache/incubator-usergrid/pull/237#issuecomment-130464629
Merged! Thanks!
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...
Posted by senthilkumar-kj <gi...@git.apache.org>.
Github user senthilkumar-kj commented on the pull request:
https://github.com/apache/incubator-usergrid/pull/237#issuecomment-96836395
hi @tnine, thanks. Yes, below is the sample response from my local for /management/token from this branch.
`{"access_token":"YWMt7PWgyu0pEeSTdqWreOhXCQAAAU0g-RjMu6uxqhC27NA6QeT7uymKY9mtDws","expires_in":604800,"passwordChanged":1430169926300,"user":{"htmldisplayEmailAddress":"Super User <<a href=\"mailto:sk@apigee.com\">sk@apigee.com</a>>","confirmed":true,"uuid":"ebafc20a-ed23-11e4-a91e-3dce26486f4a","adminUser":false,"name":"Super User","displayEmailAddress":"Super User <sk...@apigee.com>","organizations":{"test-organization":{"name":"test-organization","uuid":"e950272a-ed23-11e4-ab55-b305ff94a978","properties":{},"users":{"test":{"applicationId":"b6768a08-b5d5-11e3-a495-11ddb1de66c8","username":"test","name":"Test User","email":"sk+test@apigee.com","activated":true,"confirmed":true,"disabled":false,"properties":{},"uuid":"e93ced4a-ed23-11e4-83f2-994281ced39c","adminUser":false,"displayEmailAddress":"Test User <sk...@apigee.com>","htmldisplayEmailAddress":"Test User <<a href=\"mailto:sk+test@apigee.com\">sk+test@apigee.com</a>>"}},"applications":{"test-organization/test-a
pp":"eb8f41b5-ed23-11e4-80a5-ea7efd0d88e1"}}},"disabled":false,"applicationId":"b6768a08-b5d5-11e3-a495-11ddb1de66c8","email":"sk@apigee.com","properties":{},"username":"superuser","activated":true}}
`
The change affects only the apis which sends back the QPs in response with params json element.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] incubator-usergrid pull request: [USERGRID-572] - ignore sensitive...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/incubator-usergrid/pull/237
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---