You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@archiva.apache.org by ol...@apache.org on 2012/04/11 17:59:28 UTC

svn commit: r1324830 - /archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js

Author: olamy
Date: Wed Apr 11 15:59:28 2012
New Revision: 1324830

URL: http://svn.apache.org/viewvc?rev=1324830&view=rev
Log:
use POST rather than GET for login to prevent password being in http logs

Modified:
    archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js

Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js?rev=1324830&r1=1324829&r2=1324830&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp-js/src/main/webapp/js/redback/user.js Wed Apr 11 15:59:28 2012
@@ -496,9 +496,6 @@ define("redback.user",["jquery","order!u
     //#modal-login-footer
     $('#modal-login-footer').append(smallSpinnerImg());
 
-    var url = 'restServices/redbackServices/loginService/logIn?userName='+$("#user-login-form-username").val();
-    url += "&password="+$("#user-login-form-password").val();
-
     loginCall($("#user-login-form-username").val(),$("#user-login-form-password").val()
         ,successLoginCallbackFn,errorLoginCallbackFn,completeLoginCallbackFn);
 
@@ -513,11 +510,14 @@ define("redback.user",["jquery","order!u
    * @param completeCallbackFn
    */
   loginCall=function(username,password,successCallbackFn, errorCallbackFn, completeCallbackFn) {
-    var url = 'restServices/redbackServices/loginService/logIn?userName='+username;
-    url += "&password="+password;
+    var url = 'restServices/redbackServices/loginService/logIn';//?userName='+username;
+    //url += "&password="+password;
 
     $.ajax({
       url: url,
+      type: 'POST',
+      contentType: 'application/json',
+      data: JSON.stringify({username:username,password:password}),
       success: successCallbackFn,
       error: errorCallbackFn,
       complete: completeCallbackFn