Page MenuHomePhabricator
Differential D8546

Censor URI credentials in CommandException summaries
ClosedPublic
Actions

Authored by epriestley on Mar 15 2014, 3:53 PM.
Tags
None
Referenced Files
F15526152: D8546.id20275.diff
Mon, Apr 21, 7:38 PM
F15518508: D8546.id20279.diff
Sat, Apr 19, 2:04 PM
F15517601: D8546.id.diff
Sat, Apr 19, 7:06 AM
F15516614: D8546.diff
Fri, Apr 18, 8:01 PM
F15491561: D8546.diff
Sat, Apr 12, 4:54 AM
F15490143: D8546.id20275.diff
Fri, Apr 11, 2:43 PM
F15416928: D8546.id20275.diff
Mar 20 2025, 2:23 PM
F15397001: D8546.id20279.diff
Mar 16 2025, 5:33 PM
View All Files
Subscribers
epriestley

Details

Reviewers
btrahan
Maniphest Tasks
T4347: Some Git error messages include the full URI, including credentials
Commits
rPHU44faddd048df: Censor URI credentials in CommandException summaries
Summary

Fixes T4347. Make a simple effort to mask credentials (e.g., arising from stderr on git fetch) when formatting command failures for user consumption.

This isn't perfect, but I think it's a net positive overall.

Test Plan

Added and executed unit tests. Also triggered a real exception:

EXCEPTION (CommandException): Command failed with error #1!
COMMAND
echo 'http://xxxxx@example.com' && false

STDOUT
http://xxxxx@example.com


STDERR
(empty)

Diff Detail

Repository
rPHU libphutil
Branch
censor3
Lint
Lint Passed
Unit
Tests Passed

Event Timeline

epriestley updated this revision to Diff 20275.Mar 15 2014, 3:53 PM
epriestley retitled this revision from to Censor URI credentials in CommandException summaries.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
epriestley added a task: T4347: Some Git error messages include the full URI, including credentials.
Herald added a subscriber: epriestley.Mar 15 2014, 3:53 PM
btrahan accepted this revision.Mar 15 2014, 4:20 PM
btrahan edited edge metadata.
This revision is now accepted and ready to land.Mar 15 2014, 4:20 PM
epriestley closed this revision.Mar 15 2014, 6:27 PM
epriestley updated this revision to Diff 20279.

Closed by commit rPHU44faddd048df (authored by @epriestley).

epriestley mentioned this in T9966: Diffusion credentials may be leaked under some circumstances.Dec 12 2015, 12:11 AM

Revision Contents
Changeset List

PathSize
src/
future/
exec/
20 lines
utils/
__tests__/
30 lines
16 lines

Diff 20275

View Options

src/future/exec/CommandException.php

Loading...
View Options

src/utils/__tests__/PhutilUtilsTestCase.php

Loading...
View Options

src/utils/utils.php

Loading...
Phabricator · Built by Phacility