[opencms-dev] BUG: URLDecoder complains about content of password
Michael Moossen
m.moossen at alkacon.com
Wed Jul 2 16:07:32 CEST 2008
Hi Stefan!
could you please fill a new bugzilla entry?
Kind regards,
Michael
-------------------
Alkacon Software GmbH - The OpenCms Experts
http://www.alkacon.com - http://www.opencms.org
Stefan Nehlsen wrote:
> I'm really new to OpenCMS and discovered a bug in one of my very first
> actions. Being a newbie I would propose that someone more expierenced
> will look at this.
>
> After installing version 7.0.4 I wanted to change the password and
> entered something like that: "test%"
>
> This leads to the following error message:
>
> URLDecoder: Incomplete trailing escape (%) pattern
>
> I don't think that this is a error message you want to see in this
> situation, instead it looks as that there is something happening on
> the wrong level.
>
> I created a different account and gave it a password like "test%20".
> This string was accepted as password data but I wasn't able to login
> with it even when I tried a decoded version "test ".
>
> This is a bug -- a user is able to disable his account.
>
> cu, Stefan
>
>
> ------------------------------------------------------------------------
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
More information about the opencms-dev
mailing list