[Calypso] [PATCH] Drop version from basic auth realm

Jelmer Vernooij jelmer at jelmer.uk
Wed Jan 27 04:10:05 PST 2016

On 27 January 2016 11:38:44 GMT+00:00, Petter Reinholdtsen <pere at hungry.com> wrote:
>[Guido G√ľnther]
>> otherwise we get a password prompt on each version upgrade in
>> e.g. iceowl.
>> ---
>> Spotted by updating an instance to git master.
>Look good to me. :)
>Is there any reason to include the server version number in the
>header?  It could be seen as a security problem, if some versions have
It can be useful when debugging issues when you don't have access to the server (e.g. when it's run as infrastructure). Not sure how relevant that is for calypso at the moment though.

Personally, I'm not letting untrusted users access calypso anyway.


More information about the Calypso mailing list