Displaying 1 result from an estimated 1 matches for "cleartext_password_or_whatever".
2006 Feb 24
5
Plain text passwords displayed in production.log
By default, all the paramaters are displayed in the production.log on a POST.
Unfortunately, this includes all the plain-text passwords that people type
into the login form on my application, which is a huge security risk. I''m
using a custom evaluation system that hooks into LDAP (not any of the
generators/plugins).
View code is simple:
<%= text_field ''employee'',