Use "%P" to protect session key hashes in SessionEngine queries from DarkConsole
This secret isn't critical to protect (it's the hash of the actual secret and not useful to attackers on its own) but it shows up on every page in DarkConsole and is an obvious case where %P is a more appropriate conversion.
Note "*****" in the middle of the output here, instead of a session key hash:
Reviewed By: amckinley
Differential Revision: https://secure.phabricator.com/D19812