Redact login and password when printing out internal hash values (#274)
* Redact login and password when printing out internal hash values * Remove from debug message in geturl() parameters sent as part of a URL * Update comment with password redaction Making it clearer that all parameters are redacted, not just password related ones. Co-authored-by: DaveSophoServices <dave@sophoservices.com>
This commit is contained in:
David Kerr
GitHub
parent
7fea824ec1
commit
b84f2334e4
1 changed files with 7 additions and 2 deletions
|
|
@ -1893,7 +1893,12 @@ sub _print_hash {
|
||||||
$value = "<undefined>";
|
$value = "<undefined>";
|
||||||
} elsif (ref $ptr eq 'HASH') {
|
} elsif (ref $ptr eq 'HASH') {
|
||||||
foreach my $key (sort keys %$ptr) {
|
foreach my $key (sort keys %$ptr) {
|
||||||
_print_hash("${string}\{$key\}", $ptr->{$key});
|
if (($key eq "login") || ($key eq "password")) {
|
||||||
|
$value = "<redacted>";
|
||||||
|
} else {
|
||||||
|
$value = $ptr->{$key};
|
||||||
|
}
|
||||||
|
_print_hash("${string}\{$key\}", $value);
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -2336,7 +2341,7 @@ sub fetch_via_socket_io {
|
||||||
debug("proxy = %s", $proxy // '<undefined>');
|
debug("proxy = %s", $proxy // '<undefined>');
|
||||||
debug("protocol = %s", $use_ssl ? "https" : "http");
|
debug("protocol = %s", $use_ssl ? "https" : "http");
|
||||||
debug("server = %s", $server);
|
debug("server = %s", $server);
|
||||||
(my $_url = $url) =~ s%\?.*%?<redacted>%; #redact possible credentials
|
(my $_url = $url) =~ s%\?.*%?<redacted>%; #redact ALL parameters passed on URL, including possible passwords
|
||||||
debug("url = %s", $_url);
|
debug("url = %s", $_url);
|
||||||
debug("ip ver = %s", $ipversion);
|
debug("ip ver = %s", $ipversion);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue