Addresses #1853, redact session provider secrets

In cases where a database is used for session storage, redact the session_provider config value. I assumed "@" as the marker for a database vs file/memory.

Addresses #1853, redact session provider secrets
In cases where a database is used for session storage, redact the session_provider config value. I assumed "@" as the marker for a database vs file/memory.
09b0e6e3 · Haneysmith, Nathan · 5ca8d590 · 09b0e6e3
Commit 09b0e6e3 authored May 15, 2015 by Haneysmith, Nathan
Hide whitespace changes
Inline Side-by-side

Showing with 1 additions and 1 deletions

pkg/api/admin_settings.go
+1 -1

No files found.
--- a/pkg/api/admin_settings.go
+++ b/pkg/api/admin_settings.go
@@ -17,7 +17,7 @@ func AdminGetSettings(c *middleware.Context) {
 		for _, key := range section.Keys() {
 			keyName := key.Name()
 			value := key.Value()
-			if strings.Contains(keyName, "secret") || strings.Contains(keyName, "password") {
+			if strings.Contains(keyName, "secret") || strings.Contains(keyName, "password") || (strings.Contains(keyName, "provider_config") && strings.Contains(value, "@"))  {
 				value = "************"
 			}