Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Do not propagate api password (home-assistant#1797)
* Do not propagate API password in service requests. It makes service validation fail. The choice is to either handle it as an optional key in every service handler and make sure it doesn't end up in event stream and notifications, or to strip it as early as possible. * Some places still need a forwarded api password. - Event forwarding/remote api uses the local api password to authenticate against the remote instance. - The generated index.html at '/' embeds the api password.
- Loading branch information