Ticket #594 (closed Feature Request: invalid)

Opened 2 months ago

Last modified 1 month ago

kohana errors should obfuscate database passwords!

Reported by: atomless Assigned to: Shadowhand
Priority: critical Milestone: 2.1.2
Component: Core Version: SVN HEAD
Keywords: Cc:
SVN Revision (if applicable):

Description

Having been stupid enough to forget to switch errors off in the kohana index.php file after fixing a small bug on a live site I feel it would make more sense if kohana displayed database passwords as stars in error messages!

Change History

05/07/08 05:27:03 changed by atomless

  • priority changed from major to critical.

05/07/08 10:58:11 changed by brettalton

Isn't that the developers fault then?

05/07/08 11:55:11 changed by atomless

absolutely it's the developer's fault if they forget to disable php errors in the kohana index.php file before putting a site live - and I feel pretty stupid for making the mistake - but developers are human (well mostly!) and we make mistakes - wouldn't it be nice if kohana could save our blushes and obfuscate passwords in error messages?

05/28/08 17:14:21 changed by Shadowhand

  • status changed from new to closed.
  • resolution set to invalid.

That's more or less impossible. However, there has been a fix in 2.1.2 and SVN for some time.