[geeklog-devel] [geeklog-cvs] geeklog: blank out OAuth consumer secrets when displaying the ro...

Tom websitemaster at cogeco.net
Sun Sep 25 20:04:09 EDT 2011


We might as well just to be on the safe side since it is used as part of the
identification process.


http://oauth.net/core/1.0/

Consumer Key: A value used by the Consumer to identify itself to the Service
Provider. 
Consumer Secret: A secret used by the Consumer to establish ownership of the
Consumer Key.

Tom




-----Original Message-----
From: geeklog-devel-bounces at lists.geeklog.net
[mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Dirk Haun
Sent: September-25-11 4:49 PM
To: geeklog-devel at lists.geeklog.net
Subject: Re: [geeklog-devel] [geeklog-cvs] geeklog: blank out OAuth consumer
secrets when displaying the ro...

> changeset 8425:0c05e3b0e0d5
> url:
http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/0c05e3b0e0d5
> user: Dirk Haun <dirk at haun-online.de>
> date: Sun Sep 25 22:24:26 2011 +0200
> description:
> blank out OAuth consumer secrets when displaying the rootdebug error
screen to a non-Root user

Should we also blank out the OAuth consumer keys? How secret are those?

bye, Dirk

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://eight.pairlist.net/mailman/listinfo/geeklog-devel




More information about the geeklog-devel mailing list