1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-28 00:10:57 +01:00
No description
Find a file
James Rhodes 3b1a1ae7e3 [SECURITY] Prevented PhabricatorSetupIssueView from exposing sensitive config options.
Summary:
Currently PhabricatorSetupIssueView will show the current values of
configuration options regardless of whether or not they are defined
as hidden options.  This means that if the MySQL server stops, Phabricator
will present the MySQL connection credentials to anyone who can access
the Phabricator page.

Test Plan:
Stop the MySQL server for a Phabricator instance.  It should display 'hidden'
instead of the MySQL password.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5596
2013-04-06 00:39:53 -07:00
bin Introduce basic bin/mail with a resend workflow 2013-03-30 15:53:49 -07:00
conf Guarantee the existence of the Phabricator access log 2013-04-02 09:53:56 -07:00
externals Use ExecFuture to raise sendmail error codes out of PHPMailer 2013-03-30 15:51:32 -07:00
resources PhabricatorActionHeaderView v0 2013-04-05 07:40:27 -07:00
scripts Document reparse --min-date more, add validation 2013-04-05 07:35:35 -07:00
src [SECURITY] Prevented PhabricatorSetupIssueView from exposing sensitive config options. 2013-04-06 00:39:53 -07:00
support Ignore and README for support/bin 2013-04-03 12:58:39 -07:00
webroot Fixing a race condition for hovercards 2013-04-05 16:25:07 -07:00
.arcconfig Delete license headers from files 2012-11-05 11:16:51 -08:00
.divinerconfig Centralize rendering of application mail bodies 2012-07-16 19:01:43 -07:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Ignore and README for support/bin 2013-04-03 12:58:39 -07:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Increment year. 2013-01-03 05:45:08 -08:00
README Fix typo in README 2013-03-13 15:03:55 -07:00

Phabricator is an open source collection of web applications which make it
easier to write, review, and share source code. Phabricator was developed at
Facebook.

This is an early release. It's pretty high-quality and usable, but under
active development so things may change quickly.

You can learn more about the project and find links to documentation and
resources at: http://phabricator.org/

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.