Privacy Settings: Do not send token_auth via GET and POST #8497

Major c: Security Backlog (Help wanted)
@tsteur opened this Issue on August 6th 2015 Member

See eg https://github.com/piwik/piwik/pull/8002#discussion-diff-31667646L11 , https://github.com/piwik/piwik/pull/8002#discussion-diff-31667834R29 , https://github.com/piwik/piwik/pull/8002#discussion-diff-31667901R98 , ...

It shouldn't be sent as GET as the token could appear in server logs

@Joey3000 commented on September 17th 2015 Contributor

See also https://github.com/piwik/piwik/issues/7349 :)

Home | Back
Powered by GitHub Issue Mirror
Privacy Policy