漏洞

In ArcGIS for Server 10.3, passing the username and password credentials in plain text to generate tokens through a HTTP Get request is not possible. The link provided below is of a documentation which is worded in a way that confuses customers about this workflow: http://server.arcgis.com/en/server/latest/administer/windows/enabling-token-acquisition-through-http-requests.htm Even if Get requests are enabled via the documentation, they are still unusable with credentials, which is pointless to enable them at all. It also contradicts another documentation (link provided below) that explicitly states that passing credentials in plain text through Get requests is not possible. http://server.arcgis.com/en/server/latest/administer/windows/acquiring-arcgis-tokens.htm

上次发布: August 6, 2015 ArcGIS for Server