maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Olivier Lamy (JIRA)" <j...@codehaus.org>
Subject [jira] (MNG-5265) enforce repository url verification for passing authz
Date Tue, 20 Mar 2012 23:48:04 GMT
Olivier Lamy created MNG-5265:
---------------------------------

             Summary: enforce repository url verification for passing authz
                 Key: MNG-5265
                 URL: https://jira.codehaus.org/browse/MNG-5265
             Project: Maven 2 & 3
          Issue Type: Improvement
          Components: Settings
    Affects Versions: 3.0.4, 3.0.3, 3.0.2, 2.2.1, 2.0.10
            Reporter: Olivier Lamy


Related discussion: http://markmail.org/message/7pswshucxc7qwtef

in your settings you have:
{code}
    <server>
      <username>olamy</username>
      <password>reallycomplicatedpassword</password>
      <id>foo.org</id>
    </server>
{code}

During dependencies resolution, you get a pom with a repository.
{code}
    <repository>
      <id>foo.org</id>
      <url>http://yourpasswordwillbehacked.org/</url>
    </repository>
{code}


Idea id in settings must contains the target hostname.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message