Password field is in plan text #227
Comments
|
The best option is to use a WebHook Parameter set as "password". TeamCity will store it outside your build settings in an encrypted file. Then reference the WebHook Parameter in the password field of your webhook authentication settings. See this page for more information: https://github.com/tcplugins/tcWebHooks/wiki/Hiding-Sensitive-Values-In-WebHook-Configuration Here is an example I have on my test server...
And then referenced in a webhook |
|
BTW, the webhook configuration is stored on the teamcity server un-encrypted (I can't change how that works). So any implied security by using a hidden field in the webhook edit dialog would be mis-leading. That is why is it a plain text box, so that it's obvious that it won't be stored securely. Referencing a secure WebHook Parameter is the better option. |
Expected Behavior
Password field shouldn't be exposed in plain text
Current Behavior
Currently, the password field is in plain text
Steps to Reproduce (for bugs)
Refer screen above when providing the credentials in basic it is capturing the credentials in plain text
Your Environment
Example Configuration (xml)
The text was updated successfully, but these errors were encountered: