OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't log http auth details by default. 

This is a security risk when people distribute logs for debug purposes.
If necessary the information can be retrieved via config console commands.
Relates to http://opensimulator.org/mantis/view.php?id=7501
inv-download
Justin Clark-Casey (justincc) 2015-03-16 23:48:16 +00:00
parent eda09d8763
commit 5b31bb9cb9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
OpenSim/Framework/ServiceAuth/BasicHttpAuthentication.cs
View File

@ -38,7 +38,7 @@ namespace OpenSim.Framework.ServiceAuth
{ {
public class BasicHttpAuthentication : IServiceAuth public class BasicHttpAuthentication : IServiceAuth
{ {
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); // private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
public string Name { get { return "BasicHttp"; } } public string Name { get { return "BasicHttp"; } }
@ -61,7 +61,7 @@ namespace OpenSim.Framework.ServiceAuth
byte[] encData_byte = Util.UTF8.GetBytes(str); byte[] encData_byte = Util.UTF8.GetBytes(str);
m_CredentialsB64 = Convert.ToBase64String(encData_byte); m_CredentialsB64 = Convert.ToBase64String(encData_byte);
m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section); // m_log.DebugFormat("[HTTP BASIC AUTH]: {0} {1} [{2}]", m_Username, m_Password, section);
} }
public void AddAuthorization(NameValueCollection headers) public void AddAuthorization(NameValueCollection headers)