Closed Bug 690859 Opened 13 years ago Closed 13 years ago

Tracebacks leak private data

Categories

(Participation Infrastructure :: Phonebook, defect)

Product:
Participation Infrastructure
Component:
Phonebook
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: davedash, Assigned: davedash)

References

Details

(Whiteboard: [qa-]) 

Traceback (most recent call last):

 File "/data/www/mozillians.org/mozillians/vendor/src/django/django/core/handlers/base.py", line 111, in get_response
   response = callback(request, *callback_args, **callback_kwargs)

 File "/data/www/mozillians.org/mozillians/vendor/src/django-session-csrf/session_csrf/__init__.py", line 107, in wrapper
   response = f(request, *args, **kw)

 File "/data/www/mozillians.org/mozillians/apps/users/views.py", line 75, in register
   uniq_id = _save_new_user(request, form)

 File "/data/www/mozillians.org/mozillians/apps/users/views.py", line 177, in _save_new_user
   raise Exception(msg)

Exception: Authentication for new user [somebody@mozilla.com] with password intheclearpassword failed
If we wrote the code raising the exception, we should not include the password...

Also, I'm not sure why we would have our app fail because we couldn't log in...
Target Milestone: --- → 1.1
This has been fixed.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
[qa-] until QA can generate a traceback when failing to login, to verify this case.
OS: Mac OS X → All
Hardware: x86 → All
Whiteboard: [qa-]
Bumping to verified as [qa-].
Status: RESOLVED → VERIFIED
Component: mozillians.org → Phonebook
Product: Websites → Community Tools
QA Contact: mozillians-org → phonebook
Target Milestone: 1.1 → ---
Version: unspecified → other
You need to log in before you can comment on or make changes to this bug.