Results 1 to 2 of 2

Thread: NPM registry insecure login!?!?!

  1. #1
    Sencha Premium User
    Join Date
    Sep 2008
    Posts
    34

    Default NPM registry insecure login!?!?!

    What in the world is going on here??? I pointed my browser over to https://npm.sencha.com/, go to enter my credentials, to which Firefox alerts me that my credentials are about to be sent plain text.

    Thinking FF is just paranoid because it loaded some non-https scripts (shame on you btw), I opened Chrome and watched the dev tools while I logged in. Holy mess, it sent my credentials plain-text over HTTP!!

    Not that you would want to make your "open" tools available to a wide range of developers via https://registry.npmjs.com/ mind you. That would make life too easy, but hey - keep pushing me away.

  2. #2
    Sencha Premium Member matei's Avatar
    Join Date
    Jun 2008
    Location
    Cluj-Napoca
    Posts
    84

    Default

    bug registered here: https://www.sencha.com/forum/showthr...-in-https-mode
    but still not fixed

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •