Hide the password to prevent it being accidently displayed #2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Welcome to Codecov 🎉Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests. Thanks for integrating Codecov - We've got you covered ☂️ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
While testing
innmind/s3an error occurred and displayed the bucket object along its url. The url contained the bucket password. Since this is a sensitive value it should never be exposed.Solution
Wrap the password string inside a
SensitiveParameterValueso tools likevar_dump,symfony/var-dumperor loggers know the value should not be displayed.Note
The password is still exposed when building the
Passwordobject as a parameter or the exception. The exception is not modified for backward compatibility. The parameters are not flagged asSensitiveParameterto help developers debug their code, this is relatively safe as mostUrls should be built at compile time (where any exception should not be displayed to end users) and the ones built at runtime should be wrapped inside atry/catch(and once again not expose the exception message).These decisions may change in a future major version if feedback suggest it's better to hide everything.