Skip to content

Update login.py #33

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
May 29, 2019
Merged

Update login.py #33

merged 1 commit into from
May 29, 2019

Conversation

dmontagu
Copy link
Contributor

Change new_password from a query parameter to a body parameter for security.

(Why this is problematic is discussed in the top answer to https://stackoverflow.com/questions/2629222/are-querystring-parameters-secure-in-https-http-ssl)

@dmontagu
Update login.py
4f11dd8 
Change `new_password` from a query parameter to a body parameter for security.

(Why this is problematic is discussed in the top answer to https://stackoverflow.com/questions/2629222/are-querystring-parameters-secure-in-https-http-ssl)
@tiangolo tiangolo merged commit 546dc8b into fastapi:master May 29, 2019
@tiangolo
Copy link
Member

Absolutely! 😅

Thanks for fixing it! 🎉 🚀

gusevyaroslove pushed a commit to gusevyaroslove/fastapi-template that referenced this pull request Aug 4, 2024
@dmontagu @tiangolo
🔒 Update login.py to receive password as body (fastapi#33)
e80cff5 
Change `new_password` from a query parameter to a body parameter for security.

(Why this is problematic is discussed in the top answer to https://stackoverflow.com/questions/2629222/are-querystring-parameters-secure-in-https-http-ssl)
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dmontagu @tiangolo