diff MoinMoin/user.py @ 1075:2ecd1e6c084d

Fixed security issues in MoinMoin.user (do not reveal the ID), added variable hiding to cgitb.
author Alexander Schremmer <alex AT alexanderweb DOT de>
date Tue, 25 Jul 2006 13:18:30 +0200
parents e1e1885deec1
children 44632345fbfb
--- a/MoinMoin/user.py	Tue Jul 25 11:26:02 2006 +0200
+++ b/MoinMoin/user.py	Tue Jul 25 13:18:30 2006 +0200
@@ -6,6 +6,9 @@
     @license: GNU GPL, see COPYING for details.
 """
 
+# add names here to hide them in the cgitb traceback
+unsafe_names = ("id", "key", "val", "user_data", "enc_password")
+
 import os, time, sha, codecs
 
 try:
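Review bot: `unsafe_names` is a name-based denylist, so a sensitive value bound under any other variable name in this module would still be printed in a traceback; the cgitb side is not part of this diff, so how the tuple is matched is inferred from the comment. Short generic entries such as `id`, `key` and `val` will also mask unrelated variables, which is a reasonable trade-off but worth stating. I would expand the comment to say both, e.g. `# names of variables in this module whose values cgitb must mask in tracebacks (user id, password hash, ...); add every new variable that holds a secret`. The assignment also sits above the imports; placing it after `import os, time, sha, codecs` would follow the usual constants-after-imports layout.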
@@ -289,9 +292,9 @@
             self.language = 'en'
 
     def __repr__(self):
-        return "<%s.%s at 0x%x name:%r id:%s valid:%r>" % (
+        return "<%s.%s at 0x%x name:%r valid:%r>" % (
             self.__class__.__module__, self.__class__.__name__,
-            id(self), self.name, self.id, self.valid)
+            id(self), self.name, self.valid)
 
     def make_id(self):
         """ make a new unique user id """
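Review bot: Nothing on the new `__repr__` records why `self.id` is left out, so a later cleanup could put it back. A comment such as `# self.id is deliberately omitted: the repr can end up in logs and tracebacks, and the user id must not be disclosed` would capture the intent stated in the commit message. The object address from `id(self)` remains in the string; it is not the user id, but next to `name:` and `valid:` it is easy to misread as one, so the comment could say that too. `__repr__` is complete within the hunk, while `make_id` continues past it.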