[Openstack-security] [openstack/horizon] SecurityImpact review request change If2c3439cf23b11dd7829a4d7866d3b21409a7d69
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Feb 11 16:40:55 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/154943
Log:
commit 64ed56100ccbb4eeb16040b67d5417925aaabf0d
Author: Brant Knudson <bknudson at us.ibm.com>
Date: Wed Feb 11 10:38:58 2015 -0600
Set the password_autocomplete default to "off"
It's safer to set the autocomplete option to "off" for passwords
so that browsers get the hint to not save it. The default should
be secure so that deployers need to make a conscious decision to
be less-secure.
This is for security hardening.
SecurityImpact
Change-Id: If2c3439cf23b11dd7829a4d7866d3b21409a7d69
More information about the Openstack-security
mailing list