maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Olivier Lamy (JIRA)" <j...@codehaus.org>
Subject [jira] (MNG-5265) enforce repository url verification for passing authz
Date Tue, 20 Mar 2012 23:50:02 GMT

     [ https://jira.codehaus.org/browse/MNG-5265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Olivier Lamy updated MNG-5265:
------------------------------

    Fix Version/s: 3.0.5

print a warning in 3.0.5
                
> enforce repository url verification for passing authz
> -----------------------------------------------------
>
>                 Key: MNG-5265
>                 URL: https://jira.codehaus.org/browse/MNG-5265
>             Project: Maven 2 & 3
>          Issue Type: Improvement
>          Components: Settings
>    Affects Versions: 2.0.10, 2.2.1, 3.0.2, 3.0.3, 3.0.4
>            Reporter: Olivier Lamy
>             Fix For: 3.0.5
>
>
> Related discussion: http://markmail.org/message/7pswshucxc7qwtef
> in your settings you have:
> {code}
>     <server>
>       <username>olamy</username>
>       <password>reallycomplicatedpassword</password>
>       <id>foo.org</id>
>     </server>
> {code}
> During dependencies resolution, you get a pom with a repository.
> {code}
>     <repository>
>       <id>foo.org</id>
>       <url>http://yourpasswordwillbehacked.org/</url>
>     </repository>
> {code}
> Idea id in settings must contains the target hostname.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message