Closed
Bug 867717
Opened 11 years ago
Closed 11 years ago
Review of login.webmaker.org on staging environment
Categories
(mozilla.org :: Security Assurance: Review Request, task)
mozilla.org
Security Assurance: Review Request
Tracking
(Not tracked)
RESOLVED
FIXED
Due Date:
People
(Reporter: boozeniges, Assigned: freddy)
Details
(Whiteboard: [login.wm.o] [completed secreview][Web][score:low] u= c= p=1 s=sprint 2)
In the Mozilla Foundation we're working on a system that piggybacks on-top of Persona to provide a single sign on service for our webmaker tools and sites. We've done a few initial security code reviews on our github repo at https://github.com/mozilla/login.webmaker.org but we've not got it staged so some more tests can be done! http://webmaker.mofostaging.net/ - there isn't much of a site there yet, but the login works :) Any problems/questions please let me know, Ross
Reporter | ||
Updated•11 years ago
|
Whiteboard: [login.wm.o] c=login
Updated•11 years ago
|
Assignee: mgoodwin → nobody
OS: Mac OS X → All
Hardware: x86 → All
Whiteboard: [login.wm.o] c=login → [login.wm.o] c=login [triage needed]
Updated•11 years ago
|
Assignee: nobody → fbraun
Whiteboard: [login.wm.o] c=login [triage needed] → [login.wm.o] c=login [pending secreview]
Reporter | ||
Comment 1•11 years ago
|
||
!!! This app is currently going under a bit of a re-write. Don't review what we currently have up on staging !!! Will update when it's redone and re-staged. Sorry for the changes.
Assignee | ||
Comment 2•11 years ago
|
||
OK, I will defer the review until you are done. Please address the review questions as mentioned in https://wiki.mozilla.org/WebAppSec/Security_Review_Request#Questions_to_Address_within_Request_Body and needinfo?/secreview? me when you want me to start.
Assignee | ||
Updated•11 years ago
|
Status: NEW → UNCONFIRMED
Ever confirmed: false
Updated•11 years ago
|
Whiteboard: [login.wm.o] c=login [pending secreview] → [login.wm.o] c=login [pending secreview][Web]
Assignee | ||
Comment 3•11 years ago
|
||
What's the status on your rewrite, Ross?
Flags: needinfo?(rossbruniges)
Reporter | ||
Comment 4•11 years ago
|
||
Heya :freddyb, I thought that there was an additional ticket openned up for review of this app. It's now live (can be seen in webmaker.org). I've also left Mozilla now so probably best to check in with Dave Humphrey (:humph) in regard to the status and want of any sec reviews...
Flags: needinfo?(rossbruniges)
Assignee | ||
Comment 5•11 years ago
|
||
Well, has this been covered as part of another review?
Flags: needinfo?(david.humphrey)
Assignee | ||
Comment 6•11 years ago
|
||
Well, has this been covered as part of another review? (I probably needinfo'd the wrong person)
Flags: needinfo?(david.humphrey) → needinfo?(rossbruniges)
Whiteboard: [login.wm.o] c=login [pending secreview][Web] → [login.wm.o] c=login [pending secreview][Web][score:low]
Updated•11 years ago
|
Whiteboard: [login.wm.o] c=login [pending secreview][Web][score:low] → [login.wm.o] c=login [pending secreview][Web][score:low] u= c= p=1 s=ready
Updated•11 years ago
|
Whiteboard: [login.wm.o] c=login [pending secreview][Web][score:low] u= c= p=1 s=ready → [login.wm.o] [pending secreview][Web][score:low] u= c= p=1 s=ready
Updated•11 years ago
|
Due Date: 2013-11-22
Updated•11 years ago
|
Whiteboard: [login.wm.o] [pending secreview][Web][score:low] u= c= p=1 s=ready → [login.wm.o] [pending secreview][Web][score:low] u= c= p=1 s=sprint 2
Assignee | ||
Updated•11 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Flags: needinfo?(rossbruniges)
Resolution: --- → FIXED
Whiteboard: [login.wm.o] [pending secreview][Web][score:low] u= c= p=1 s=sprint 2 → [login.wm.o] [completed secreview][Web][score:low] u= c= p=1 s=sprint 2
You need to log in
before you can comment on or make changes to this bug.
Description
•