You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@netbeans.apache.org by "Jan Pirek (Jira)" <ji...@apache.org> on 2019/10/16 09:23:00 UTC

[jira] [Created] (NETBEANS-3242) Security flaw in google sign on

Jan Pirek created NETBEANS-3242:
-----------------------------------

             Summary: Security flaw in google sign on
                 Key: NETBEANS-3242
                 URL: https://issues.apache.org/jira/browse/NETBEANS-3242
             Project: NetBeans
          Issue Type: Bug
          Components: updatecenters - Pluginportal
            Reporter: Jan Pirek
            Assignee: Jan Pirek


Login process should work with google auth token  and backend controller should verify and extract user from token insteas of passed value from client js part of the login which can be altered.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@netbeans.apache.org
For additional commands, e-mail: commits-help@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists