Privacy Settings: Do not send token_auth via GET and POST #8497
Labels
c: Security
For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
duplicate
For issues that already existed in our issue tracker and were reported previously.
Major
Indicates the severity or impact or benefit of an issue is much higher than normal but not critical.
Milestone
See eg #8002 (diff) , #8002 (diff) , #8002 (diff) , ...
It shouldn't be sent as GET as the token could appear in server logs
The text was updated successfully, but these errors were encountered: