Make use of SensitiveParameter attribute to replace custom stack trace redaction
Open, Needs Triage, Public

Description

Quoting T347135: Allow full unredacted stack trace for development

It seems this was initially controlled by a variable for a select list of functions (that actually needed this masking, e.g. password strings) before being extended to everything in change 92334. The link given as the reason for the latter change is https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/FOSXLMTUZBDDP6FPVDFBJYJFQTAVOPKE/. Whatever that was, however, does not even matter; for local development it should be configurable.

Additionally, in general, with the introduction of the SensitiveParameter attribute in PHP 8.2, I think this custom redaction logic should just be discarded completely in favor of the selective redaction through the PHP attribute.

Now that T358666: Drop PHP 8.1 support from MediaWiki is in progress (effectively we've dropped PHP 8.1 support in favour of PHP 8.2), we should look at moving forward on doing something with this...

Event Timeline

I believe relying on this is still functionally what @ori was against when he said "The task of making $wgRedactedFunctionArguments comprehensive is hopelessly gargantuan. It would require something like a full trace of the flow of data throughout all of MediaWiki and its extensions." in the linked email announcement. MediaWiki is too big to reasonably expect that we can track every variable that may contain "sensitive" data. I don't object to introducing the attribute, but I don't think we can reasonably expect it to become a comprehensive solution for web facing stack traces.
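
The trade-off discussed in this task, as an added example that is not MediaWiki code and not part of any comment above: it compares what an exception trace exposes when only `#[\SensitiveParameter]` is relied on with what remains after blanket redaction of every argument. The functions `checkLogin`, `refreshSession`, `redactAllArgs` and `describeTopFrame` are hypothetical, the blanket redaction is a simplified stand-in rather than MediaWiki's implementation, and the argument values are constructed.

```php
<?php
// Added example, not MediaWiki code. Requires PHP 8.2 or later.
declare(strict_types=1);

// Traces only carry arguments when this is off (php.ini-production turns it on).
ini_set('zend.exception_ignore_args', '0');

// Hypothetical function: $password is marked, so PHP replaces it in traces
// with a SensitiveParameterValue object.
function checkLogin(string $user, #[\SensitiveParameter] string $password): never {
    throw new RuntimeException('login backend unavailable');
}

// Hypothetical function: $token was never marked, so it reaches the trace as-is.
function refreshSession(string $token): never {
    throw new RuntimeException('session store unavailable');
}

// Blanket redaction (simplified stand-in): replace every argument by its type.
function redactAllArgs(array $trace): array {
    foreach ($trace as &$frame) {
        $frame['args'] = array_map('get_debug_type', $frame['args'] ?? []);
    }
    unset($frame);
    return $trace;
}

// Render the arguments of the innermost frame as printable strings.
function describeTopFrame(array $trace): array {
    return array_map(
        static fn ($arg) => is_object($arg) ? get_debug_type($arg) : var_export($arg, true),
        $trace[0]['args'] ?? []
    );
}

foreach ([
    fn () => checkLogin('alice', 'constructed-password'),
    fn () => refreshSession('constructed-session-token'),
] as $call) {
    try {
        $call();
    } catch (RuntimeException $e) {
        $trace = $e->getTrace();
        echo $trace[0]['function'], "\n";
        echo '  attribute only: ', implode(', ', describeTopFrame($trace)), "\n";
        echo '  blanket:        ', implode(', ', describeTopFrame(redactAllArgs($trace))), "\n";
    }
}
```

With the attribute alone, the marked password is hidden but the unmarked session token appears verbatim in the trace; blanket redaction hides both, at the cost of also hiding values such as the user name that are useful when debugging.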