[JENKINS-4000] Proxy credentials showing in clear text - Jenkins Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Component/s: core
Labels:
None
Environment:
Platform: All, OS: All

Similar Issues:

Show

Description

In the proxy configuration of Update Manager, when proxy is already configured
with authentication credentials saved, if you analyze the HTML source you'll
find the password in clear text.

Solution: Credentials should not go to Hudson's presentation layer!

Attachments

Activity

Ascending order - Click to sort in descending order

4 older comments

Hide

Permalink

SCM/JIRA link daemon added a comment - 2011-09-12 02:48

Code changed in jenkins
User: Nicolas De Loof
Path:
changelog.html
http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
Log:
[FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

Show

SCM/JIRA link daemon added a comment - 2011-09-12 02:48 Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

Hide

Permalink

SCM/JIRA link daemon added a comment - 2011-09-12 02:48

Code changed in jenkins
User: bap2000
Path:
changelog.html
http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
Log:
[FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

Show

SCM/JIRA link daemon added a comment - 2011-09-12 02:48 Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

Hide

Permalink

SCM/JIRA link daemon added a comment - 2011-10-20 17:40

Code changed in jenkins
User: bap2000
Path:
core/src/main/java/hudson/ProxyConfiguration.java
core/src/main/resources/hudson/PluginManager/advanced.jelly
http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0
Log:
[FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password

Proxy password is encrypted in xml config file, and in the UI

Show

SCM/JIRA link daemon added a comment - 2011-10-20 17:40 Code changed in jenkins User: bap2000 Path: core/src/main/java/hudson/ProxyConfiguration.java core/src/main/resources/hudson/PluginManager/advanced.jelly http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0 Log: [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password Proxy password is encrypted in xml config file, and in the UI

Hide

Permalink

SCM/JIRA link daemon added a comment - 2011-10-20 17:40

Show

SCM/JIRA link daemon added a comment - 2011-10-20 17:40 Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

Hide

Permalink

SCM/JIRA link daemon added a comment - 2011-10-20 17:40

Show

SCM/JIRA link daemon added a comment - 2011-10-20 17:40 Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

People

Assignee:: bap

Reporter:: rcsilva83

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 2009-07-09 04:47

Updated:: 2014-09-27 15:41

Resolved:: 2011-06-20 14:22