Details
-
Improvement
-
Resolution: Done
-
Major - P3
-
None
-
None
-
None
-
Server Security
Description
Similar to SERVER-10897, if drivers and the server don't engage in some canonicalization process for passwords, there is a strong risk for mismatches when the input device used by the end user produces a different encoding of a multi-code-point character, or a character that has multiple code point representations (a.k.a, greek capital omega and the Ohm symbol).
Attachments
Issue Links
- is related to
-
SERVER-10896 Enforce prohibition of embedded NULLs in role names.
-
- Closed
-
- related to
-
SERVER-10897 User and role names should be canonicalized by the server using Unicode canonicalization form NFC
-
- Backlog
-