janwytze / stackftp

Stack webdav to ftp server

UserService userList not safe #37

Closed janwytze closed 7 years ago

janwytze commented 7 years ago

The userList in the UserService is not safe; it is a Map with username and password as key (username:password).

Example:

username: example@example.nl
password: passw:ord
Result: example@example.nl:passw:ord

username: example@example.nl:passw
password: ord
Result: example@example.nl:passw:ord

The results are the same!
Of course you still have to know the password of the user, so it won't result in users getting hacked.
It can be solved by using a different key (or none) or validating the username better.

janwytze commented 7 years ago

Not the nicest solution, but we could just use another splitting character:
https://stackoverflow.com/a/1879904/2735398

janwytze commented 7 years ago

Solved in #38
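
The collision described in this issue, together with the fixes the thread suggests (a different key, or stricter username validation), as an added example that is not stackftp's code. Python is used only for illustration, and every function name below is hypothetical.

```python
# Added illustration of the key collision from this issue.
# All names are hypothetical; none come from the stackftp code base.

def joined_key(username, password):
    """Key scheme described in the issue: the two fields joined by ':'."""
    return f"{username}:{password}"


def tuple_key(username, password):
    """Composite key: the field boundary is preserved, no delimiter needed."""
    return (username, password)


def length_prefixed_key(username, password):
    """Single-string key that stays unambiguous: username length comes first."""
    return f"{len(username)}:{username}{password}"


def validate_username(username, delimiter=":"):
    """Reject usernames containing the delimiter, so the first delimiter in a
    joined key always marks the end of the username."""
    if delimiter in username:
        raise ValueError(f"username must not contain {delimiter!r}")
    return username


# The two credential pairs given in the issue.
PAIR_A = ("example@example.nl", "passw:ord")
PAIR_B = ("example@example.nl:passw", "ord")


def collides(key_fn):
    """True when both credential pairs map to the same cache key."""
    return key_fn(*PAIR_A) == key_fn(*PAIR_B)


def demo():
    """Collision result for each key scheme."""
    return {
        "joined": collides(joined_key),
        "tuple": collides(tuple_key),
        "length_prefixed": collides(length_prefixed_key),
    }


if __name__ == "__main__":
    for scheme, collision in demo().items():
        print(f"{scheme:16} collision={collision}")
```

Swapping ':' for another splitting character removes the ambiguity only if that character is rejected in at least one of the two fields; the tuple and length-prefixed keys need no such restriction.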