posted by
LaminatorX
on Monday February 17 2014, @02:47PM
from the release-early-release-often dept.
Welcome to the new site everyone. As penance for my embarrassing triple posting earlier, I have been asked by the admins to post a link to our lovely bug tracker, which can be found at http://sylnt.us/bugs. If you notice any odd behavior around the site, please don't hesitate to submit a notice. Thank you, everyone.
This discussion has been archived.
No new comments can be posted.
Speaking of passwords, it seems like ours are sent in the clear. I saw that it was HTTP when I logged in, but I assumed there was some client-side hashing going on in Javascript. To verify this, I logged out and logged in a second time with LiveHTTPHeaders open. Unfortunately, I was able to see my own password URL-encoded in the POST data.
(Score: 1) by snailboat on Tuesday February 18 2014, @02:58AM
Speaking of passwords, it seems like ours are sent in the clear. I saw that it was HTTP when I logged in, but I assumed there was some client-side hashing going on in Javascript. To verify this, I logged out and logged in a second time with LiveHTTPHeaders open. Unfortunately, I was able to see my own password URL-encoded in the POST data.