Tracebacks leak private data

VERIFIED FIXED

Status

VERIFIED FIXED
7 years ago
6 years ago

People

(Reporter: davedash, Assigned: davedash)

Tracking

Details

(Whiteboard: [qa-])

Traceback (most recent call last):

 File "/data/www/mozillians.org/mozillians/vendor/src/django/django/core/handlers/base.py", line 111, in get_response
   response = callback(request, *callback_args, **callback_kwargs)

 File "/data/www/mozillians.org/mozillians/vendor/src/django-session-csrf/session_csrf/__init__.py", line 107, in wrapper
   response = f(request, *args, **kw)

 File "/data/www/mozillians.org/mozillians/apps/users/views.py", line 75, in register
   uniq_id = _save_new_user(request, form)

 File "/data/www/mozillians.org/mozillians/apps/users/views.py", line 177, in _save_new_user
   raise Exception(msg)

Exception: Authentication for new user [somebody@mozilla.com] with password intheclearpassword failed
If we wrote the code raising the exception, we should not include the password...

Also, I'm not sure why we would have our app fail because we couldn't log in...
Target Milestone: --- → 1.1

Updated

7 years ago
Duplicate of this bug: 690855
This has been fixed.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
[qa-] until QA can generate a traceback when failing to login, to verify this case.
OS: Mac OS X → All
Hardware: x86 → All
Whiteboard: [qa-]
Bumping to verified as [qa-].
Status: RESOLVED → VERIFIED

Updated

6 years ago
Component: mozillians.org → Phonebook
Product: Websites → Community Tools
QA Contact: mozillians-org → phonebook
Target Milestone: 1.1 → ---
Version: unspecified → other
You need to log in before you can comment on or make changes to this bug.