Commit 09b0e6e3 by Haneysmith, Nathan

Addresses #1853, redact session provider secrets

In cases where a database is used for session storage, redact the
session_provider config value. I assumed "@" as the marker for a
database vs file/memory.
parent 5ca8d590
...@@ -17,7 +17,7 @@ func AdminGetSettings(c *middleware.Context) { ...@@ -17,7 +17,7 @@ func AdminGetSettings(c *middleware.Context) {
for _, key := range section.Keys() { for _, key := range section.Keys() {
keyName := key.Name() keyName := key.Name()
value := key.Value() value := key.Value()
if strings.Contains(keyName, "secret") || strings.Contains(keyName, "password") { if strings.Contains(keyName, "secret") || strings.Contains(keyName, "password") || (strings.Contains(keyName, "provider_config") && strings.Contains(value, "@")) {
value = "************" value = "************"
} }
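Review bot: The `strings.Contains(value, "@")` test in the widened condition fails open: any `provider_config` value that carries credentials without an `@` is returned unmasked, and key/value-style connection strings (a constructed example: `user=... password=... host=...`, a form some database drivers accept) have exactly that shape. The commit message itself flags the `@` marker as an assumption, so it would be safer to mask on the key name alone, `|| strings.Contains(keyName, "provider_config")`, and accept that file and memory provider values are hidden too; alternatively, decide from the session provider type rather than from the contents of the value. If the heuristic stays, a comment such as `// "@" is assumed to mark a DSN with embedded credentials; key=value DSNs are NOT covered` would make the gap visible to the next maintainer. The loop and `AdminGetSettings` start and end outside this hunk, so whether key names are lower-cased before these case-sensitive substring checks cannot be confirmed from here.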
......