Open GoogleCodeExporter opened 9 years ago
i think this is on purpose. for security reasons :)
authsrv for example makes bogus auth tokens so an attacker can't
figure out if a user exists.
it would be good to isolate the cases and see if we have a chance
improving the situation without compromising security.
Original comment by cinap_le...@felloff.net
on 27 Aug 2011 at 6:03
Original comment by cinap_le...@felloff.net
on 4 Nov 2011 at 11:06
Original issue reported on code.google.com by
a...@phicode.de
on 17 Jul 2011 at 7:42