projects / GitHub / WoltLab / WCF.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 22eabfc)
Consider parameters with password|passphrase|secret in their name to be sensitive
authorTim Düsterhus <duesterhus@woltlab.com>
Tue, 4 May 2021 09:52:44 +0000 (11:52 +0200)
committerTim Düsterhus <duesterhus@woltlab.com>
Tue, 4 May 2021 09:53:11 +0000 (11:53 +0200)
wcfsetup/install/files/lib/core.functions.php patch | blob | blame | history

diff --git a/wcfsetup/install/files/lib/core.functions.php b/wcfsetup/install/files/lib/core.functions.php
index f96e050e11287a54d58b0991772a06a060784107..d325c4acd44a3dbd6bbf73b13644caeaaed4a62c 100644 (file)
--- a/wcfsetup/install/files/lib/core.functions.php
+++ b/wcfsetup/install/files/lib/core.functions.php
@@ -733,6 +733,12 @@ EXPLANATION;
                                ) {
                                        $isSensitive = true;
                                }
+                               if (\preg_match(
+                                       '/(?:^(?:password|passphrase|secret)|(?:Password|Passphrase|Secret))/',
+                                       $parameter->getName()
+                               )) {
+                                       $isSensitive = true;
+                               }
 
                                if ($isSensitive && isset($item['args'][$i])) {
                                        $item['args'][$i] = '[redacted]';
WoltLab Suite Core (previously WoltLab Community Framework)