Closed
Bug 1188339
Opened 9 years ago
Closed 9 years ago
Backport upstream bug 1179856 (Increase length of all tokens value for greater security)
Categories
(bugzilla.mozilla.org :: General, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: dylan, Assigned: dylan)
Details
Attachments
(1 file, 1 obsolete file)
3.39 KB,
patch
|
glob
:
review+
|
Details | Diff | Splinter Review |
SSIA
Assignee | ||
Updated•9 years ago
|
Summary: Backport upstream bug 1179856 to bmo increased logincookie & token length → Backport upstream bug 1179856 to bmo for increased logincookie & token length
Summary: Backport upstream bug 1179856 to bmo for increased logincookie & token length → Backport upstream bug 1179856 (Increase length of all tokens value for greater security)
Comment on attachment 8640098 [details] [diff] [review] 1188339_1.patch Review of attachment 8640098 [details] [diff] [review]: ----------------------------------------------------------------- this patch increases more than just the login cookie length - it increases the default size of all tokens (api-token, account creation, password reset, etc). i've updated this bug's summary as well as upstream's to reflect that. don't forget to commit just the schema change and leave this bug open. i'll commit the token.pm changes after the schema changes have landed (no need for a second non-schema patch).
Attachment #8640098 -
Flags: review?(glob) → review+
Assignee | ||
Comment 3•9 years ago
|
||
the bug found in the upstream bug would be quite bad for bmo -- logincookies would be invalidated every time checksetup is run. Give this a once over and I'll commit the schema changes after.
Attachment #8640098 -
Attachment is obsolete: true
Attachment #8640768 -
Flags: review?(glob)
Comment on attachment 8640768 [details] [diff] [review] 1188339_2.patch Review of attachment 8640768 [details] [diff] [review]: ----------------------------------------------------------------- r=glob
Attachment #8640768 -
Flags: review?(glob) → review+
Assignee | ||
Comment 5•9 years ago
|
||
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git 5604742..2e5fc83 master -> master
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
reopening as this code is not fully committed.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
To ssh://gitolite3@git.mozilla.org/webtools/bmo/bugzilla.git 0565d65..0cc42e2 master -> master
Status: REOPENED → RESOLVED
Closed: 9 years ago → 9 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•