|
|
|
|
|
|
by tarnacious_
3119 days ago
|
|
|
This is a good comment and touches a lot of concerns I have with the service. On debugProxy, username and password "sessions" are disabled after 20 minutes of inactivity. This was implemented, in part, to combat the issue of people forgetting they were still connected to the proxy. Also, I don't want to, nor do I have a enough disk space to store things for long. So body data over 20 minutes old is periodically permanently removed. Header data lasts a bit longer, but is also periodically permanently removed. This will not prevent users sending private credentials over the proxy, but it's hard to prevent that as you say, so hopefully this mitigates the problem a bit. Of course you still have to trust the service, for some people that will be totally unacceptable, which is fine. |
|
|