#2271 closed defect (fixed)
hide credentials from connection strings
| Reported by: | Antoine Martin | Owned by: | Antoine Martin |
|---|---|---|---|
| Priority: | critical | Milestone: | 3.0 |
| Component: | core | Version: | 2.5.x |
| Keywords: | Cc: |
Description
When connecting with a URI that contains username and password, those can end up being logged:
Attached to tcp://antoine:123456@192.168.1.5:10000/
And shown in the system tray menu.
There is a little bit of confusion between "endpoint" and "target" attributes of the connection object.
Also, the ssh code re-implements its own URI logic...
This needs cleaning up.
Change History (2)
comment:1 Changed 2 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
comment:2 Changed 3 months ago by
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/2271
Note: See
TracTickets for help on using
tickets.
copyleft 2010 - 2021
Done in r22412 the lazy way: the messy code that sets the "target" from the constructor arguments is unchanged, we just patch it up afterwards..
See also r22399, which made me create this ticket.