Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update login.py #33

Merged
merged 1 commit into from
May 29, 2019
Merged

Update login.py #33

merged 1 commit into from
May 29, 2019

Conversation

dmontagu
Copy link
Contributor

Change new_password from a query parameter to a body parameter for security.

(Why this is problematic is discussed in the top answer to https://stackoverflow.com/questions/2629222/are-querystring-parameters-secure-in-https-http-ssl)

@dmontagu
Update login.py
4f11dd8 
Change `new_password` from a query parameter to a body parameter for security.

(Why this is problematic is discussed in the top answer to https://stackoverflow.com/questions/2629222/are-querystring-parameters-secure-in-https-http-ssl)
@tiangolo tiangolo merged commit 546dc8b into fastapi:master May 29, 2019
@tiangolo
Copy link
Member

Absolutely! 😅

Thanks for fixing it! 🎉 🚀

gusevyaroslove pushed a commit to gusevyaroslove/fastapi-template that referenced this pull request Aug 4, 2024
@dmontagu @tiangolo
🔒 Update login.py to receive password as body (fastapi#33)
e80cff5 
Change `new_password` from a query parameter to a body parameter for security.

(Why this is problematic is discussed in the top answer to https://stackoverflow.com/questions/2629222/are-querystring-parameters-secure-in-https-http-ssl)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dmontagu @tiangolo