Improve security of session ID against DB exposure or SQL injection [#2569165]

Just like core in #2164025: Improve security of session ID against DB exposure or SQL injection, the persistent login module should hash the sid value before storing it.

Issue fork persistent_login-2569165

Show commands

Start within a Git clone of the project using the version control instructions.

Add & fetch this issue fork’s repository

Or, if you do not have SSH keys set up on git.drupalcode.org:

Add & fetch this issue fork’s repository

2569165-hash-db-values changes, plain diff MR !3
Check out this branch for the first time

Check out existing branch, if you already have it locally

About issue forks

Comments

Comment #1

15 September 2015 at 22:52

greggles created an issue. See original summary.

Comment #2

gapple

he/they

English

commented 22 March 2023 at 22:05

Version:	7.x-1.x-dev	» 8.x-1.x-dev
Issue tags:		+Security improvements

Comment #3

22 March 2023 at 22:12

gapple opened merge request !3

Comment #4

22 March 2023 at 22:28

gapple committed adb13966 on 8.x-1.x

Issue #2569165 by gapple: Improve security of session ID against DB...

Comment #5

gapple

he/they

English

commented 22 March 2023 at 22:28

Title:	Improve security of session ID against DB exposure or SQL injection	» 2569165-hash-db-values
Status:	Active	» Fixed

Comment #6

gapple

he/they

English

commented 22 March 2023 at 22:30

Title:

2569165-hash-db-values

» Improve security of session ID against DB exposure or SQL injection

Comment #7

5 April 2023 at 22:34

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Improve security of session ID against DB exposure or SQL injection

Issue fork persistent_login-2569165

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Related issues

News items

Our community

Documentation

Drupal code base

Governance of community