Closed Bug 1439632 Opened 3 years ago Closed 2 years ago

Make sure password is always empty after calling SetPassword(EmptyCString()) on a URI

Categories

(Core :: Networking, defect, P3)

defect

Tracking

()

RESOLVED FIXED
mozilla61
Tracking Status
firefox60 --- wontfix
firefox61 --- fixed

People

(Reporter: valentin, Assigned: valentin)

References

(Blocks 1 open bug)

Details

(Whiteboard: [necko-triaged])

Attachments

(1 file)

This bug was filed because of bug 1433958 comment 52

At the moment, when the username is "" we also strip the password.
First of all, this does not follow the spec.
Secondly, while it's not clear that we can get into a situation where the username is empty and the password is not, we should ensure that it is always cleared when calling SetPassword("")
Comment on attachment 8967886 [details]
Bug 1439632 - Make sure password is always empty after calling SetPassword(EmptyCString()) on a URI

https://reviewboard.mozilla.org/r/236576/#review244154
Attachment #8967886 - Flags: review?(honzab.moz) → review+
Pushed by valentin.gosu@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/b4b2f2f22ab8
Make sure password is always empty after calling SetPassword(EmptyCString()) on a URI r=mayhemer
https://hg.mozilla.org/mozilla-central/rev/b4b2f2f22ab8
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
You need to log in before you can comment on or make changes to this bug.