Project

General

Profile

Actions

Bug #442

closed

Security issue: the default gravatar url should not point to gravatar.

Added by Sebastian Kreft about 10 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Target version:
Start date:
24.11.2014
Due date:
% Done:

0%

Estimated time:
Sorting:
Commit Number:
Affected Version:

Description

By default the gravatar url should not point to gravatar, as there are some security considerations with that. The impact is not that high as we only sent an md5 of the email, but still I think this is not a sane default for the military.

This issue is related to https://bugs.rhodecode.com/issues/196

Actions #1

Updated by Johannes Bornhold almost 10 years ago

  • Target version set to 13
Actions #2

Updated by Johannes Bornhold almost 10 years ago

This still needs first a decision if we want to do that or not.

Actions #3

Updated by Johannes Bornhold almost 10 years ago

  • Target version changed from 13 to Backlog

Moving 3.0.x over to Backlog

Actions #4

Updated by Marcin Kuzminski [CTO] over 8 years ago

  • Private changed from No to Yes
Actions #5

Updated by Marcin Kuzminski [CTO] over 8 years ago

  • Assignee set to Marcin Kuzminski [CTO]
Actions #6

Updated by Marcin Kuzminski [CTO] over 8 years ago

  • Status changed from New to Closed
  • Private changed from Yes to No

This was now changes as default behaviour

Actions

Also available in: Atom PDF