]> source.dussan.org Git - nextcloud-server.git/commitdiff
projects / nextcloud-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: da4fe3d)
fix(logger): Fix closure detection when filtering sensitive parameters
authorJoas Schilling <coding@schilljs.com>
Fri, 8 Nov 2024 10:48:22 +0000 (11:48 +0100)
committerJoas Schilling <coding@schilljs.com>
Fri, 8 Nov 2024 11:59:14 +0000 (12:59 +0100)
Signed-off-by: Joas Schilling <coding@schilljs.com>
lib/private/Log/ExceptionSerializer.php patch | blob | history

diff --git a/lib/private/Log/ExceptionSerializer.php b/lib/private/Log/ExceptionSerializer.php
index 904107f6998fb4d26023064951ce3cea31b0136c..6d94bf51f4581b6294ce4cd38351dffbc444fc3c 100644 (file)
--- a/lib/private/Log/ExceptionSerializer.php
+++ b/lib/private/Log/ExceptionSerializer.php
@@ -34,6 +34,7 @@ class ExceptionSerializer {
                'validateUserPass',
                'loginWithToken',
                '{closure}',
+               '{closure:*',
                'createSessionToken',
 
                // Provisioning
@@ -200,7 +201,9 @@ class ExceptionSerializer {
                                return $this->editTrace($sensitiveValues, $traceLine);
                        }
                        foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
-                               if (str_contains($traceLine['function'], $sensitiveMethod)) {
+                               if (str_contains($traceLine['function'], $sensitiveMethod)
+                                       || (str_ends_with($sensitiveMethod, '*')
+                                               && str_starts_with($traceLine['function'], substr($sensitiveMethod, 0, -1)))) {
                                        return $this->editTrace($sensitiveValues, $traceLine);
                                }
                        }
Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server