Anonymous | Login | 2024-11-22 04:37 EST |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | Project | Category | View Status | Date Submitted | Last Update | |||
0000848 | PacketFence | error-handling | public | 2009-11-12 11:11 | 2012-09-06 10:57 | |||
Reporter | obilodeau | |||||||
Assigned To | obilodeau | |||||||
Priority | high | Severity | major | Reproducibility | always | |||
Status | closed | Resolution | fixed | |||||
Platform | OS | OS Version | ||||||
Product Version | ||||||||
Target Version | 3.5.1 | Fixed in Version | 3.5.1 | |||||
Summary | 0000848: password validation | |||||||
Description | Our grammar is very strict on certain characters you can use as arguments. Often these non-approved characters are pushed in as passwords in the various places where we use them in packetfence (switch management, user management, etc.). No error is shown when this happens. pfcmd just silently fails (but this will be dealt with in bug 0000847) Anyway we can be better at that. We should validate password fields in the web admin using the same regexp as the grammar and show a nice error message saying invalid characters in password. | |||||||
Tags | usability | |||||||
fixed in git revision | 404be9f | |||||||
fixed in mtn revision | ||||||||
Attached Files | ||||||||
Notes | |
(0003001) obilodeau (reporter) 2012-08-31 10:36 |
Especially problematic is the fact that we don't support $ as a valid character. |
(0003005) obilodeau (reporter) 2012-08-31 14:11 |
Branch fix/848-password-validation was just pushed that fixes this. |
(0003006) obilodeau (reporter) 2012-08-31 14:30 |
opened pull request: https://github.com/inverse-inc/packetfence/pull/56 [^] |
(0003011) obilodeau (reporter) 2012-09-05 11:32 |
fix will be part of next stable release |
(0003021) obilodeau (reporter) 2012-09-06 10:57 |
fix released in 3.5.1 yesterday |
Issue History | |||
Date Modified | Username | Field | Change |
2009-11-12 11:11 | obilodeau | New Issue | |
2009-11-12 11:11 | obilodeau | Status | new => assigned |
2009-11-12 11:11 | obilodeau | Assigned To | => obilodeau |
2010-03-01 13:28 | obilodeau | Category | 1.8.5 => error-handling |
2010-03-01 13:28 | obilodeau | Summary | error handling: password validation => password validation |
2010-09-08 14:08 | obilodeau | Target Version | => 1.9.1 |
2010-09-08 14:09 | obilodeau | Description Updated | |
2010-09-15 11:22 | obilodeau | Target Version | 1.9.1 => 1.9.2 |
2010-09-22 16:02 | obilodeau | Target Version | 1.9.2 => 1.9.3 |
2010-09-28 10:16 | obilodeau | Tag Attached: usability | |
2012-08-31 10:36 | obilodeau | Note Added: 0003001 | |
2012-08-31 14:11 | obilodeau | Note Added: 0003005 | |
2012-08-31 14:30 | obilodeau | Note Added: 0003006 | |
2012-08-31 14:32 | obilodeau | Target Version | 1.9.3 => +1 |
2012-09-05 11:32 | obilodeau | git revision | => 404be9f |
2012-09-05 11:32 | obilodeau | Note Added: 0003011 | |
2012-09-05 11:32 | obilodeau | Status | assigned => resolved |
2012-09-05 11:32 | obilodeau | Fixed in Version | => +1 |
2012-09-05 11:32 | obilodeau | Resolution | open => fixed |
2012-09-06 10:56 | obilodeau | Target Version | +1 => 3.5.1 |
2012-09-06 10:56 | obilodeau | Fixed in Version | +1 => 3.5.1 |
2012-09-06 10:57 | obilodeau | Note Added: 0003021 | |
2012-09-06 10:57 | obilodeau | Status | resolved => closed |
Copyright © 2000 - 2012 MantisBT Group |