Merge pull request #8279 from glaubinix/f/github-access-token-debug
GitHub: don't display access token in debug log on redirectpull/8305/head
commit
3e42ca61a5
|
@ -301,7 +301,7 @@ class RemoteFilesystem
|
|||
|
||||
$actualContextOptions = stream_context_get_options($ctx);
|
||||
$usingProxy = !empty($actualContextOptions['http']['proxy']) ? ' using proxy ' . $actualContextOptions['http']['proxy'] : '';
|
||||
$this->io->writeError((substr($origFileUrl, 0, 4) === 'http' ? 'Downloading ' : 'Reading ') . $origFileUrl . $usingProxy, true, IOInterface::DEBUG);
|
||||
$this->io->writeError((substr($origFileUrl, 0, 4) === 'http' ? 'Downloading ' : 'Reading ') . $this->stripCredentialsFromUrl($origFileUrl) . $usingProxy, true, IOInterface::DEBUG);
|
||||
unset($origFileUrl, $actualContextOptions);
|
||||
|
||||
// Check for secure HTTP, but allow insecure Packagist calls to $hashed providers as file integrity is verified with sha256
|
||||
|
@ -873,7 +873,7 @@ class RemoteFilesystem
|
|||
$this->redirects++;
|
||||
|
||||
$this->io->writeError('', true, IOInterface::DEBUG);
|
||||
$this->io->writeError(sprintf('Following redirect (%u) %s', $this->redirects, $targetUrl), true, IOInterface::DEBUG);
|
||||
$this->io->writeError(sprintf('Following redirect (%u) %s', $this->redirects, $this->stripCredentialsFromUrl($targetUrl)), true, IOInterface::DEBUG);
|
||||
|
||||
$additionalOptions['redirects'] = $this->redirects;
|
||||
|
||||
|
@ -1123,4 +1123,11 @@ class RemoteFilesystem
|
|||
|
||||
return $hostPort;
|
||||
}
|
||||
|
||||
private function stripCredentialsFromUrl($url)
|
||||
{
|
||||
// GitHub repository rename result in redirect locations containing the access_token as GET parameter
|
||||
// e.g. https://api.github.com/repositories/9999999999?access_token=github_token
|
||||
return preg_replace('{([&?]access_token=)[^&]+}', '$1***', $url);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue