[vlc-devel] http intf: ensure the password is set
Rémi Denis-Courmont
remi at remlab.net
Fri Apr 26 14:14:13 CEST 2013
On Fri, 26 Apr 2013 12:43:00 +0200, Jean-Baptiste Kempf <jb at videolan.org>
wrote:
> On 25 Apr, Francois Cartegnie wrote :
>> > From: Rémi Denis-Courmont <remi at remlab.net>
>> > Date: Mon, 22 Apr 2013 16:35:01 +0000 (+0300)
>> > Subject: http intf: ensure the password is set
>> > X-Git-Url:
>> >
http://git.videolan.org/?p=vlc.git;a=commitdiff_plain;h=51719d5a03afd84eb0ddc76eed393b196d15b0d0
>> >
>>
>> > +assert(password ~= "", "password not defined")
>>
>> Lots of users complains to be expected...
>
> Why not a dialog?
Yeah. Generate a secure random password and then: "The HTTP interface may
contain nuts, fry your cat and harm your children. It will be protected by
password XXXXXXXX. Do you really wish to enable the HTTP interface? [Abort
abort abort] [Yes, I am insane]"
At least then the password won't be asdfg. Unfortunately, this fails to
protect against MITM on the local network.
--
Rémi Denis-Courmont
Sent from my collocated server
More information about the vlc-devel
mailing list