Password shouldnt be a query parameter

pfeffed / liftmaster_myq

Ruby gem to control a Chamberlain Liftmaster MyQ system

MIT License

65 stars 49 forks source link

Password shouldnt be a query parameter #9

Open torres-roberto opened 4 years ago

torres-roberto commented 4 years ago

URI encoding the password and passing it as a query parameter to login is a security vulnerability. Is there support for passing password in a POST body instead?