IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Addresses #1853, redact session provider secrets

Browse Source 
In cases where a database is used for session storage, redact the
session_provider config value. I assumed "@" as the marker for a
database vs file/memory.
This commit is contained in:
Haneysmith, Nathan 2015-05-15 11:11:02 -07:00
parent 5ca8d590bd
commit 09b0e6e388
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/api/admin_settings.go
View File

@ -17,7 +17,7 @@ func AdminGetSettings(c *middleware.Context) {
for _, key := range section.Keys() {
keyName := key.Name()
value := key.Value()
if strings.Contains(keyName, "secret") || strings.Contains(keyName, "password") {
if strings.Contains(keyName, "secret") || strings.Contains(keyName, "password") || (strings.Contains(keyName, "provider_config") && strings.Contains(value, "@")) {
value = "************"
}