Angular-Express-Train-Seed icon indicating copy to clipboard operation
Angular-Express-Train-Seed copied to clipboard

Published 20 hours ago verified publisher icon chris-langager

Plain text username and password

Open mothupally opened this issue 11 years ago • 1 comments

It looks like the client is passing the username and password in clear/plain text in the headers. Anyone who can perform Man-in-the-middle attack can capture client identity.

mothupally avatar Jan 01 '14 11:01 mothupally

To be more safe use HTTPS.

zeroows avatar Mar 20 '15 21:03 zeroows