Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Injected user credentials should be cleaned up regardless of the result of authenticate() #24

Open
muhuk opened this issue Dec 20, 2010 · 2 comments
Open

Injected user credentials should be cleaned up regardless of the result of authenticate() #24

muhuk opened this issue Dec 20, 2010 · 2 comments

Comments

@muhuk
Copy link

muhuk commented Dec 20, 2010

Methods using authenticated=True receives username and password when the user is authenticated and the client somehow sends the session cookie.

Injected params should be cleaned since this is not a unusual case if we are using the same user accounts we are using to access sites for RPC requests.
@p3k
Copy link

p3k commented Jan 6, 2013

+1

This is a problem I just stumbled across, too.

@samuraisam
Copy link
Owner

Cool, maybe one could write a pull request? The code path is really simple (sorry, I just don't have much time right now)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@p3k @muhuk @samuraisam