[VALIDATOR-151] [validator] Password validation revealed in javascript - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Won't Fix
Affects Version/s: 1.1.1 (alpha)
Fix Version/s: None
Component/s: JavaScript
Labels:
None
Environment:

Operating System: other
Platform: Other

Bugzilla Id:
23652

Description

The javascript does not validate password fields for security reasons; however,
any rules defined on a password field still show up in the javascript (they're
just not used). The min/max length and mask properties reveal sensitive
information about the server-side password validation structure. The best
solution at this time is to not use validator to check password fields at all
but we need a better solution in the long run.

See bug# 12473 for other details.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: David Graham

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 07/Oct/03 21:08

Updated:: 12/Nov/07 19:25

Resolved:: 23/Nov/06 00:06