[
https://jira.codehaus.org/browse/MNG-5265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Olivier Lamy updated MNG-5265:
------------------------------
Fix Version/s: 3.0.5
print a warning in 3.0.5
> enforce repository url verification for passing authz
> -----------------------------------------------------
>
> Key: MNG-5265
> URL: https://jira.codehaus.org/browse/MNG-5265
> Project: Maven 2 & 3
> Issue Type: Improvement
> Components: Settings
> Affects Versions: 2.0.10, 2.2.1, 3.0.2, 3.0.3, 3.0.4
> Reporter: Olivier Lamy
> Fix For: 3.0.5
>
>
> Related discussion: http://markmail.org/message/7pswshucxc7qwtef
> in your settings you have:
> {code}
> <server>
> <username>olamy</username>
> <password>reallycomplicatedpassword</password>
> <id>foo.org</id>
> </server>
> {code}
> During dependencies resolution, you get a pom with a repository.
> {code}
> <repository>
> <id>foo.org</id>
> <url>http://yourpasswordwillbehacked.org/</url>
> </repository>
> {code}
> Idea id in settings must contains the target hostname.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
