F3289670
T125177.patch
Tgr (Gergő Tisza)
Authored By
Tgr
Jan 29 2016, 2:11 AM
2016-01-29 02:11:13 (UTC+0)
Size
847 B
Referenced Files
None
From 91757fff4b8c5931f002eca5ae400a1334f63713 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Tisza?= <gtisza@wikimedia.org>
Date: Fri, 29 Jan 2016 02:01:18 +0000
Subject: [PATCH] SECURITY: Redact passwords in API log
Bug: T125177
Change-Id: Id527e1e874c8246e047efd5da1ce93d5231b60c1
---
includes/api/ApiMain.php | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/includes/api/ApiMain.php b/includes/api/ApiMain.php
index 6ddc28a..873e1a5 100644
--- a/includes/api/ApiMain.php
+++ b/includes/api/ApiMain.php
@@ -1331,6 +1331,10 @@ class ApiMain extends ApiBase {
continue;
}
+ if ( $name === 'password' || $name === 'lgpassword' ) {
+ $value = 'REDACTED';
+ }
+
if ( strlen( $value ) > 256 ) {
$value = substr( $value, 0, 256 );
$encValue = $this->encodeRequestLogValue( $value ) . '[...]';
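Review bot: The added check `$name === 'password' || $name === 'lgpassword'` redacts only two exact, case-sensitive parameter names, so a secret submitted under any other parameter name would still be written to the API log. Consider keeping the names in a single list, or letting each module declare which of its parameters are sensitive, so that new ones are covered without editing this loop, and add a short comment saying why the value is replaced. Placing the redaction before the `strlen( $value ) > 256` truncation is correct, since it keeps even a truncated prefix of the password out of the log.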
--
1.9.1
Mime Type
text/x-diff
Attached To
T125177: api.log contains passwords in plaintext