You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ol...@apache.org on 2012/04/11 17:59:28 UTC
svn commit: r1324830 -
/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js
Author: olamy
Date: Wed Apr 11 15:59:28 2012
New Revision: 1324830
URL: http://svn.apache.org/viewvc?rev=1324830&view=rev
Log:
use POST rather than GET for login to prevent password being in http logs
Modified:
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js?rev=1324830&r1=1324829&r2=1324830&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js Wed Apr 11 15:59:28 2012
@@ -496,9 +496,6 @@ define("redback.user",["jquery","order!u
//#modal-login-footer
$('#modal-login-footer').append(smallSpinnerImg());
- var url = 'restServices/redbackServices/loginService/logIn?userName='+$("#user-login-form-username").val();
- url += "&password="+$("#user-login-form-password").val();
-
loginCall($("#user-login-form-username").val(),$("#user-login-form-password").val()
,successLoginCallbackFn,errorLoginCallbackFn,completeLoginCallbackFn);
@@ -513,11 +510,14 @@ define("redback.user",["jquery","order!u
* @param completeCallbackFn
*/
loginCall=function(username,password,successCallbackFn, errorCallbackFn, completeCallbackFn) {
- var url = 'restServices/redbackServices/loginService/logIn?userName='+username;
- url += "&password="+password;
+ var url = 'restServices/redbackServices/loginService/logIn';//?userName='+username;
+ //url += "&password="+password;
$.ajax({
url: url,
+ type: 'POST',
+ contentType: 'application/json',
+ data: JSON.stringify({username:username,password:password}),
success: successCallbackFn,
error: errorCallbackFn,
complete: completeCallbackFn