csvbase icon indicating copy to clipboard operation
csvbase copied to clipboard
verified publisher icon calpaterson

Signed out blank table form should blank sensitive fields

Open calpaterson opened this issue 2 years ago • 0 comments

Description

The blank table form retains user credentials and even puts them in the url, where they are in danger of being logged

Steps to reproduce

  1. Be signed out
  2. Visit https://csvbase.com/new-table/blank
  3. Enter user credentials
  4. Then add a new column to the form

Expected result

Sensitive fields should be blanked

Actual result

They are retained (and so put in the URL)

Additional details

This feels like it needs a post-redirect-get job for signed out users. Signed in users can keep the current flow which saves a request cycle.

https://www.reddit.com/r/programming/comments/15y184f/i_didnt_write_any_javascript_and_other_shortcuts/jxbrqng/?context=3

calpaterson avatar Aug 23 '23 08:08 calpaterson