You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Marc Slemko <ma...@worldgate.com> on 1997/09/07 05:47:05 UTC

proxy logging ftp password

ISTR a discussion about this before, but not what the conclusion was...

ftp://user:password@host/path/

logs your password in the Apache log.  That is bad, no?

Should we be overwriting the password in r->the_request with xxx?