diff options
| author | Urban Müller | 2024-10-04 16:27:15 +0200 |
|---|---|---|
| committer | Urban Müller | 2024-10-04 16:27:15 +0200 |
| commit | 88cef74ff059c85e15ca5f9f9dff7c874780be58 (patch) | |
| tree | e54b408e717b693f98f5278be8114e6779eb80a6 | |
| parent | e089c18f91a345e8bf9edd8864bbde9b8555548a (diff) | |
| download | itools-88cef74ff059c85e15ca5f9f9dff7c874780be58.tar.gz itools-88cef74ff059c85e15ca5f9f9dff7c874780be58.tar.bz2 itools-88cef74ff059c85e15ca5f9f9dff7c874780be58.zip | |
avoid leaking API keys in err messages
| -rw-r--r-- | it.class | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -287,7 +287,7 @@ static function error($p = array(), $extra = null) if ($sendmail || EDC('verboseerrors')) # we're mailing: send maximum info { - $p['title'] = it::replace(['alert:|server:|^: "' => "", '(pw|passw|password\d*|secret)(=)[^&\s]*' => '$1$2*****'], "$service: " . $p['title']) . " (via " . getenv('HOSTNAME') . ")"; + $p['title'] = it::replace(['alert:|server:|^: "' => "", '(pw|passw|password\d*|secret|api.?key)(=)[^&\s]*' => '$1$2*****'], "$service: " . $p['title']) . " (via " . getenv('HOSTNAME') . ")"; if (!$p['omitdebuginfo']) { @@ -308,8 +308,8 @@ static function error($p = array(), $extra = null) $body .= "Processes:\n" . it::exec('ps auxf | egrep -v "rotatelogs|getbanner|logaction|httpd|systemd|sd-pam"|egrep "^www|^cron"') . "\n"; $body .= $longstack ? "Full stack: " . "$longstack\n" : ""; - $body = it::replace(['(pw|passw|password\d*|secret)(\' => |\] => |=)[^&\s]*' => '$1$2********'], $body, ['utf8' => false]); - $body = it::replace(['"(pw|passw|password\d*|secret)": *"[^"]*"' => '"$1": "*******"'], $body, ['utf8' => false]); + $body = it::replace(['(pw|passw|password\d*|secret|api.?key)(\' => |\] => |=)[^&\s]*' => '$1$2********'], $body, ['utf8' => false]); + $body = it::replace(['"(pw|passw|password\d*|secret|api.?key)": *"[^"]*"' => '"$1": "*******"'], $body, ['utf8' => false]); } $type = ($p['fatal'] ? (it::is_live() ? "FATAL: " : "Fatal: ") : "Error: "); |