You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 28, 2022. It is now read-only.
when signing up trough the on-boarding URL, and using a weak password. The password is visible in plain text in the URL
Expected behavior:
No visible text of the value that's being inputted in the form.
Log file / Code snippet / Screenshots:
For example: https://trasa.domain.org/woa/verify#token=6d1821638cf3f2246xxxxxx
After selecting a password, (which isn't strong enough), you'll get a error and the password you've tried to use is visible in the URL in plain text.
After using a password which is strong enough, it disappears.
To reproduce:
Create new user -> Open Signup URL -> Use weak password (e.g. 123) -> Get error, and click continue -> URL should include weak password used like this: https://trasa.domain.org/woa/verify?password=123&cpassword=123&submit=#token=2c9ee66xxxxxx
Scope of issue:
TRASA codebase
dashboard
server
mobile app
browser extension
device agent
website/docs
Versions:
TRASA version = 1.1.2
OS (in which TRASA is installed): Ubuntu 20.04
Browser (if issue is in certain browser) Chrome
Additional context:
As discussed in the Discord app.
The text was updated successfully, but these errors were encountered:
Describe the bug:
when signing up trough the on-boarding URL, and using a weak password. The password is visible in plain text in the URL
Expected behavior:
No visible text of the value that's being inputted in the form.
Log file / Code snippet / Screenshots:
For example:
https://trasa.domain.org/woa/verify#token=6d1821638cf3f2246xxxxxx
After selecting a password, (which isn't strong enough), you'll get a error and the password you've tried to use is visible in the URL in plain text.
After using a password which is strong enough, it disappears.
To reproduce:
Create new user -> Open Signup URL -> Use weak password (e.g. 123) -> Get error, and click continue -> URL should include weak password used like this:
https://trasa.domain.org/woa/verify?password=123&cpassword=123&submit=#token=2c9ee66xxxxxx
Scope of issue:
Versions:
Additional context:
As discussed in the Discord app.
The text was updated successfully, but these errors were encountered: