mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove the password from the validateUserPass() method as well

This commit is contained in:
Joas Schilling 2016-04-29 09:23:36 +02:00
parent 173e304be9
commit 5da9f10af2
No known key found for this signature in database
GPG Key ID: 70A0B324C41C0946
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/private/log.php
View File

@ -284,7 +284,7 @@ class Log implements ILogger {
'File' => $exception->getFile(),
'Line' => $exception->getLine(),
);
$exception['Trace'] = preg_replace('!(login|checkPassword|updatePrivateKeyPassword)\(.*\)!', '$1(*** username and password replaced ***)', $exception['Trace']);
$exception['Trace'] = preg_replace('!(login|checkPassword|updatePrivateKeyPassword|validateUserPass)\(.*\)!', '$1(*** username and password replaced ***)', $exception['Trace']);
$msg = isset($context['message']) ? $context['message'] : 'Exception';
$msg .= ': ' . json_encode($exception);
$this->error($msg, $context);

15
tests/lib/logger.php
View File

@ -107,4 +107,19 @@ class Logger extends TestCase {
$this->assertContains('checkPassword(*** username and password replaced ***)', $logLine);
}
}
/**
* @dataProvider userAndPasswordData
*/
public function testDetectvalidateUserPass($user, $password) {
$e = new \Exception('test');
$this->logger->logException($e);
$logLines = $this->getLogs();
foreach($logLines as $logLine) {
$this->assertNotContains($user, $logLine);
$this->assertNotContains($password, $logLine);
$this->assertContains('validateUserPass(*** username and password replaced ***)', $logLine);
}
}
}