Mask hashed password in VIM response for VIM CRUD APIs
Bug #1594495 reported by
Sripriya
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tacker |
Fix Released
|
Medium
|
Anshu Kumar |
Bug Description
VIM REST APIs response contain hashed password in responses similar to [1]. This is not secure and hence needs to masked before sending the response.
Once the server response is fixed, the existing mask_dict_password call in client is unnecessary and should be removed. [2] [3]
[1] "gAAAAABXY0JVWz
[2] https:/
[3] https:/
description: | updated |
Changed in tacker: | |
assignee: | nobody → Anshu Kumar (anshu-choubey) |
Changed in tacker: | |
importance: | Undecided → Medium |
Changed in tacker: | |
status: | New → Confirmed |
To post a comment you must log in.
Following patch by Kawaguchi Kentaro aims at removing the masking logic from python- tackerclient:
https:/ /review. openstack. org/#/c/ 326884/