Skip to content

fix: redact logging of sensitive config & CSRF validation#4955

Merged
ReenigneArcher merged 3 commits intoLizardByte:masterfrom
psyke83:redact_sensitive_config
Apr 8, 2026
Merged

fix: redact logging of sensitive config & CSRF validation#4955
ReenigneArcher merged 3 commits intoLizardByte:masterfrom
psyke83:redact_sensitive_config

Conversation

@psyke83
Copy link
Copy Markdown
Contributor

@psyke83 psyke83 commented Apr 6, 2026
edited
Loading

  • Currently redacts csrf_allowed_origins.
  • Add simple validation of CSRF entries to ensure they are prefixed
    with 'https://'.
  • Individual invalid CSRF entries will be logged unredacted to assist
    troubleshooting.

Description

Screenshot

Issues Fixed or Closed

Roadmap Issues

Type of Change

  • feat: New feature (non-breaking change which adds functionality)
  • fix: Bug fix (non-breaking change which fixes an issue)
  • docs: Documentation only changes
  • style: Changes that do not affect the meaning of the code (white-space, formatting, missing semicolons, etc.)
  • refactor: Code change that neither fixes a bug nor adds a feature
  • perf: Code change that improves performance
  • test: Adding missing tests or correcting existing tests
  • build: Changes that affect the build system or external dependencies
  • ci: Changes to CI configuration files and scripts
  • chore: Other changes that don't modify src or test files
  • revert: Reverts a previous commit
  • BREAKING CHANGE: Introduces a breaking change (can be combined with any type above)

Checklist

  • Code follows the style guidelines of this project
  • Code has been self-reviewed
  • Code has been commented, particularly in hard-to-understand areas
  • Code docstring/documentation-blocks for new or existing methods/components have been added or updated
  • Unit tests have been added or updated for any new or modified functionality

AI Usage

  • None: No AI tools were used in creating this PR
  • Light: AI provided minor assistance (formatting, simple suggestions)
  • Moderate: AI helped with code generation or debugging specific parts
  • Heavy: AI generated most or all of the code changes

@ReenigneArcher
Copy link
Copy Markdown
Member

ReenigneArcher commented Apr 6, 2026

If we're going to do this, can you add some basic regex validation to the allowed origins options so if it's not properly formatted it will at least log an error/warning. I think we basically only need to check that it starts with https://.

@psyke83 psyke83 force-pushed the redact_sensitive_config branch from 34a366a to d7f0fa9 Compare April 8, 2026 02:13
@psyke83 psyke83 changed the title fix: redact logging of sensitive config fix: redact logging of sensitive config & CSRF validation Apr 8, 2026
@psyke83 psyke83 force-pushed the redact_sensitive_config branch from d7f0fa9 to fd5db54 Compare April 8, 2026 02:16
@psyke83
fix: redact logging of sensitive config & CSRF validation
8b4cf78 
* Currently redacts csrf_allowed_origins.
* Add simple validation of CSRF entries to ensure they are prefixed
  with 'https://'.
* Individual invalid CSRF entries will be logged unredacted to assist
  troubleshooting.
@psyke83 psyke83 force-pushed the redact_sensitive_config branch from fd5db54 to 8b4cf78 Compare April 8, 2026 02:36
@psyke83 psyke83 marked this pull request as ready for review April 8, 2026 02:39
@psyke83
Copy link
Copy Markdown
Contributor Author

psyke83 commented Apr 8, 2026

@ReenigneArcher

Ready for review. I would say that the remaining SonarQube errors can be disregarded, as I'm following the established signature of apply_config's vars, and the new function's purpose is aimed at cutting down duplication of redaction logic in main.cpp. Let me know if you disagree.

It currently is only doing CSRF validation on the basis that the string is >8 chars and starts with 'https://'.

ReenigneArcher
ReenigneArcher previously approved these changes Apr 8, 2026
View reviewed changes
@codecov
Copy link
Copy Markdown

codecov bot commented Apr 8, 2026

Bundle Report

Bundle size has no change ✅

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 8, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
2 New issues
2 New Code Smells (required ≤ 0)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@codecov
Copy link
Copy Markdown

codecov bot commented Apr 8, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 0% with 16 lines in your changes missing coverage. Please review.
✅ Project coverage is 18.00%. Comparing base (e61d9ba) to head (b561bc7).
⚠️ Report is 1 commits behind head on master.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
src/config.cpp 0.00% 12 Missing and 4 partials ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff            @@
##           master    #4955     +/-   ##
=========================================
  Coverage   17.99%   18.00%             
=========================================
  Files         108      108             
  Lines       23317    23326      +9     
  Branches    10263    10268      +5     
=========================================
+ Hits         4197     4200      +3     
+ Misses      16033    14182   -1851     
- Partials     3087     4944   +1857
Flag Coverage Δ
Archlinux 11.67% <0.00%> (-0.01%) ⬇️
FreeBSD-14.3-aarch64 ?
FreeBSD-14.3-amd64 13.56% <0.00%> (-0.04%) ⬇️
Homebrew-ubuntu-22.04 14.00% <0.00%> (-0.02%) ⬇️
Linux-AppImage 12.20% <0.00%> (-0.01%) ⬇️
Windows-AMD64 14.90% <0.00%> (-0.02%) ⬇️
Windows-ARM64 13.23% <0.00%> (-0.01%) ⬇️
macOS-arm64 19.02% <ø> (ø)
macOS-x86_64 18.38% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
src/config.h 0.00% <ø> (ø)
src/config.cpp 3.11% <0.00%> (-0.05%) ⬇️

... and 48 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e61d9ba...b561bc7. Read the comment docs.

@ReenigneArcher ReenigneArcher merged commit 31b8580 into LizardByte:master Apr 8, 2026
71 of 73 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ReenigneArcher ReenigneArcher ReenigneArcher left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@psyke83 @ReenigneArcher