libubuntuone

Logs oauth tokens to console

Bug #723297 reported by dobey on 2011-02-22

This bug affects 1 person

	Status	Importance	Assigned to
libubuntuone	Status tracked in Trunk
Stable-0-4	Fix Released	High	dobey
Stable-lucid	Won't Fix	Undecided	Unassigned
Trunk	Fix Released	High	dobey
libubuntuone (Ubuntu)	Fix Released	High	dobey
Lucid	Won't Fix	High	Unassigned
Maverick	Invalid	High	Unassigned
Natty	Fix Released	High	dobey

Bug Description

libubuntuone is printing the URL to console when a navigation is requested through webkit. Sometimes, this url includes oauth authorization information, which ends up on the console. This is not good.

The oauth code is also printing tokens directly sometimes. We really should not be enabling this behavior by default.

Related branches

lp:~dobey/libubuntuone/print-no-tokens

Merged into lp:libubuntuone at revision 118

Eric Casteleijn (community): Approve on 2011-02-23

Roberto Alsina (community): Approve on 2011-02-22

lp:ubuntu/natty/libubuntuone

dobey (dobey) on 2011-02-22

Changed in libubuntuone:
assignee:	nobody → Rodney Dawes (dobey)
importance:	Undecided → High
status:	New → In Progress

Brian Murray (brian-murray) on 2011-02-23

Changed in libubuntuone (Ubuntu Lucid):
importance:	Undecided → High
Changed in libubuntuone (Ubuntu Maverick):
importance:	Undecided → High
Changed in libubuntuone (Ubuntu Natty):
importance:	Undecided → High

dobey (dobey) on 2011-03-10

Changed in libubuntuone (Ubuntu Natty):
assignee:	nobody → Rodney Dawes (dobey)
status:	New → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-03-10:

This bug was fixed in the package libubuntuone - 0.9.0-0ubuntu1

---------------
libubuntuone (0.9.0-0ubuntu1) natty; urgency=low

* New upstream release.
- Don't log oauth information to console (LP: #723297)
-- Rodney Dawes <email address hidden> Wed, 09 Mar 2011 20:13:12 -0500

Changed in libubuntuone (Ubuntu Natty):
status:	In Progress → Fix Released

Revision history for this message

btreegorilla (btreegorilla) wrote on 2011-04-08:

Confirmed in Maverick libubuntuone-0.3.8

@ubuntu:~/src/libubuntuone-0.3.8$ egrep -n "DEBUG_OAUTH|g_debug \(\"navigation requested" configure.ac libubuntuone/u1-music-store.c
configure.ac:49: AC_DEFINE(DEBUG_OAUTH, 1, [Define to enable OAuth debugging])
libubuntuone/u1-music-store.c:521: g_debug ("navigation requested to %s", webkit_network_request_get_uri (request));

Linux ubuntu 2.6.35-28-generic #49-Ubuntu SMP Tue Mar 1 14:39:03 UTC 2011 x86_64 GNU/Linux

Changed in libubuntuone (Ubuntu Maverick):
status:	New → Confirmed

Natalia Bidart (nataliabidart) on 2011-04-08

Changed in libubuntuone (Ubuntu Lucid):
assignee:	nobody → Rodney Dawes (dobey)
Changed in libubuntuone (Ubuntu Maverick):
assignee:	nobody → Rodney Dawes (dobey)

Revision history for this message

JC Hulce (soaringsky) wrote on 2012-05-03:

This bug affects Ubuntu 10.10, Maverick Meerkat. Maverick has reached end-of-life and is no longer supported, so I am closing the bugtask for Maverick. Please upgrade to a newer version of Ubuntu.
More information here: https://lists.ubuntu.com/archives/ubuntu-announce/2012-April/000158.html

Changed in libubuntuone (Ubuntu Maverick):
status:	Confirmed → Invalid

dobey (dobey) on 2014-01-29

Changed in libubuntuone (Ubuntu Lucid):
assignee:	Rodney Dawes (dobey) → nobody
status:	New → Won't Fix
Changed in libubuntuone (Ubuntu Maverick):
assignee:	Rodney Dawes (dobey) → nobody

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.