Closed
Bug 819361
Opened 13 years ago
Closed 13 years ago
don't print csrf tokens in balrog client logs
Categories
(Release Engineering :: General, defect, P3)
Release Engineering
General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: bhearsum, Assigned: nthomas)
References
Details
(Whiteboard: [balrog])
Attachments
(2 files)
|
1.44 KB,
patch
|
bhearsum
:
review+
nthomas
:
checked-in+
|
Details | Diff | Splinter Review |
|
1.34 KB,
patch
|
rail
:
review+
nthomas
:
checked-in+
|
Details | Diff | Splinter Review |
Given that they are time based, this is a security issue.
|
||
Updated•13 years ago
|
Priority: -- → P3
|
Assignee | |
Comment 1•13 years ago
|
||
|
Reporter | |
Comment 2•13 years ago
|
||
Comment on attachment 756326 [details] [diff] [review]
[tools] Eyeball fix
Review of attachment 756326 [details] [diff] [review]:
-----------------------------------------------------------------
lgtm!
Attachment #756326 -
Flags: review?(bhearsum) → review+
|
|
Assignee | |
Comment 3•13 years ago
|
||
Comment on attachment 756326 [details] [diff] [review]
[tools] Eyeball fix
https://hg.mozilla.org/build/tools/rev/e7d01202e376
Attachment #756326 -
Flags: checked-in+
|
|
Reporter | |
Comment 4•13 years ago
|
||
Boo, this broke :(
Traceback (most recent call last):
File "/builds/slave/m-aurora-lx-ntly-0000000000000/tools/scripts/updates/balrog-submitter.py", line 36, in <module>
runner.run()
File "/builds/slave/m-aurora-lx-ntly-0000000000000/tools/lib/python/balrog/submitter/cli.py", line 80, in run
buildData=data, copyTo=copyTo)
File "/builds/slave/m-aurora-lx-ntly-0000000000000/tools/lib/python/balrog/submitter/api.py", line 129, in update_build
url_template_vars=url_template_vars)
File "/builds/slave/m-aurora-lx-ntly-0000000000000/tools/lib/python/balrog/submitter/api.py", line 79, in request
res = self.do_request(prerequest_url, None, 'HEAD', {})
File "/builds/slave/m-aurora-lx-ntly-0000000000000/tools/lib/python/balrog/submitter/api.py", line 102, in do_request
sanitised_data = data.copy()
AttributeError: 'NoneType' object has no attribute 'copy'
This is happening during the HEAD request where we get the token (https://github.com/mozilla/build-tools/blob/master/lib/python/balrog/submitter/api.py#L79)
|
|
Assignee | |
Comment 5•13 years ago
|
||
Attachment #758242 -
Flags: review?(rail)
|
|
||
Updated•13 years ago
|
Attachment #758242 -
Flags: review?(rail) → review+
|
|
Assignee | |
Comment 6•13 years ago
|
||
Comment on attachment 758242 [details] [diff] [review]
[tools] Fix
https://hg.mozilla.org/build/tools/rev/0f50bbd52b8d
Attachment #758242 -
Flags: checked-in+
|
|
Assignee | |
Comment 7•13 years ago
|
||
Working now.
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
||
Updated•12 years ago
|
Product: mozilla.org → Release Engineering
|
|
||
Updated•8 years ago
|
Component: General Automation → General
You need to log in
before you can comment on or make changes to this bug.
Description
•