Security Risk - push command adds db url from .kansorc to the design doc. #409

ozomer · 2014-07-01T19:25:24Z

The design doc is created with a kanso.config._url field that contains the url from the .kansorc file.

Following the explanation here, it is recommended to put the username and password in the .kansorc file (and add it to .gitignore).

This will be very bad if your couchdb has public read access...

@ryanramage

The text was updated successfully, but these errors were encountered:

Issue #409: Remove auth from url.

mandric · 2015-01-02T17:29:54Z

This was fixed in 0.4.0.

ozomer added a commit to ozomer/kanso that referenced this issue Aug 2, 2014

Issue kanso#409: Remove auth from url.

64fce06

mandric added a commit that referenced this issue Aug 19, 2014

Merge pull request #411 from ozomer/master

48cc23e

Issue #409: Remove auth from url.

mandric closed this as completed Jan 2, 2015

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security Risk - push command adds db url from .kansorc to the design doc. #409

Security Risk - push command adds db url from .kansorc to the design doc. #409

ozomer commented Jul 1, 2014

mandric commented Jan 2, 2015

Security Risk - push command adds db url from .kansorc to the design doc. #409

Security Risk - push command adds db url from .kansorc to the design doc. #409

Comments

ozomer commented Jul 1, 2014

mandric commented Jan 2, 2015