Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: remove sensitive logs #116

Merged
merged 7 commits into from
Nov 4, 2023
Merged

Fix: remove sensitive logs #116

merged 7 commits into from
Nov 4, 2023

Conversation

tchapi
Copy link
Owner

@tchapi tchapi commented Oct 29, 2023

This will filter out passwords from logs, and filter out sensitive arguments from a subset of functions too for safety

@tchapi tchapi self-assigned this Oct 29, 2023
@tchapi tchapi added the enhancement New feature or request label Oct 29, 2023
@tchapi tchapi mentioned this pull request Oct 29, 2023
Closed
tchapi
tchapi commented Oct 29, 2023
View reviewed changes
src/Services/IMAPAuth.php
Comment on lines -65 to +70
$em->flush();

try {
$em->flush();
} catch (\Exception $e) {
error_log('IMAP Error (flush): '.$e->getMessage());
}
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Catching the exception will allow to continue (as the auth succeeded) and not log the trace, if any

tchapi
tchapi commented Oct 29, 2023
View reviewed changes
src/Services/LDAPAuth.php
Comment on lines -164 to +168
$em->flush();

try {
$em->flush();
} catch (\Exception $e) {
error_log('LDAP Error (flush): '.$e->getMessage());
}
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Catching the exception will allow to continue (as the auth succeeded) and not log the trace, if any

tchapi
tchapi commented Nov 1, 2023
View reviewed changes
.env
Comment on lines +71 to +75

# Logging path
# By default, it will log in the standard Symfony directory: var/log/prod.log (for production)
# You can use /dev/null here if you want to discard logs entirely
LOG_FILE_PATH="%kernel.logs_dir%/%kernel.environment%.log"
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here for the env var

@tchapi tchapi force-pushed the fix/sensitive-logs branch 2 times, most recently from 4f303a4 to 3d2ced0 Compare November 4, 2023 13:03
@tchapi tchapi force-pushed the fix/sensitive-logs branch from 3d2ced0 to db1ef33 Compare November 4, 2023 13:19
@tchapi tchapi marked this pull request as ready for review November 4, 2023 13:19
@tchapi tchapi merged commit 77eef38 into master Nov 4, 2023
8 checks passed
@tchapi tchapi deleted the fix/sensitive-logs branch November 4, 2023 20:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@tchapi tchapi

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@tchapi