You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Upon login, the Admin UI requires the auth token to be between 8 and 64 characters, but the Admin API doesn't have this restriction when setting/changing the token.
The best fix is to modify the API to only allow tokens between 8 and 64, but this breaks backwards compatibility. It would also lock-out anyone who's already using a shorter token with the API.
The proper fix is to not perform validation of the auth token's length (in the UI)... or to allow any non-zero absolute value.
The text was updated successfully, but these errors were encountered:
* Short token issue is fixed for UI auth as well
* Ensure cookie path is always /
* Allow error messages in 'http-msg'
* Add AoE, NBD, iSCSI storage options
* Add '/build' endpoint to retrieve build details
Upon login, the Admin UI requires the auth token to be between 8 and 64 characters, but the Admin API doesn't have this restriction when setting/changing the token.
The best fix is to modify the API to only allow tokens between 8 and 64, but this breaks backwards compatibility. It would also lock-out anyone who's already using a shorter token with the API.
The proper fix is to not perform validation of the auth token's length (in the UI)... or to allow any non-zero absolute value.
The text was updated successfully, but these errors were encountered: