play1 icon indicating copy to clipboard operation
play1 copied to clipboard
verified publisher icon playframework

[#1770] prevent request body from being flashed (security)

Open deanhiller opened this issue 12 years ago • 3 comments

found this issue when doing the _feild tag fix noticing the password was redisplaying which is only possible if it is in the cookie(and it was in clear text). This fixes that issue so that playframework is secure again.

deanhiller avatar Dec 16 '13 19:12 deanhiller

play-1-3-x-pull-requests #127 SUCCESS This pull request looks good

cloudbees-pull-request-builder avatar Dec 16 '13 20:12 cloudbees-pull-request-builder

ok, I redid this now with modifying params.flash() to skip storing the body.

deanhiller avatar Dec 16 '13 21:12 deanhiller

play-1-3-x-pull-requests #128 SUCCESS This pull request looks good

cloudbees-pull-request-builder avatar Dec 16 '13 22:12 cloudbees-pull-request-builder