diff options
author | BlackDex <[email protected]> | 2022-12-08 13:35:53 +0100 |
---|---|---|
committer | BlackDex <[email protected]> | 2022-12-10 17:55:59 +0100 |
commit | 4a85dd24805a4dc9ae0b2d1840e3f483325013d2 (patch) | |
tree | 21576d39047b73f01d8a9910e02dba1f4f9aca1c | |
parent | b7c9a346c1f7f664f2bda997632cb14fdd55b94d (diff) | |
download | vaultwarden-4a85dd24805a4dc9ae0b2d1840e3f483325013d2.tar.gz vaultwarden-4a85dd24805a4dc9ae0b2d1840e3f483325013d2.zip |
Increase privacy of masked config
This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.
Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.
Fixes #2929
-rw-r--r-- | src/config.rs | 31 |
1 files changed, 20 insertions, 11 deletions
diff --git a/src/config.rs b/src/config.rs index eb776bb9..edf5bbfe 100644 --- a/src/config.rs +++ b/src/config.rs @@ -232,14 +232,23 @@ macro_rules! make_config { /// We map over the string and remove all alphanumeric, _ and - characters. /// This is the fastest way (within micro-seconds) instead of using a regex (which takes mili-seconds) fn _privacy_mask(value: &str) -> String { - value.chars().map(|c| - match c { - c if c.is_alphanumeric() => '*', - '_' => '*', - '-' => '*', - _ => c - } - ).collect::<String>() + let mut n: u16 = 0; + let mut colon_match = false; + value + .chars() + .map(|c| { + n += 1; + match c { + ':' if n <= 11 => { + colon_match = true; + c + } + '/' if n <= 13 && colon_match => c, + ',' => c, + _ => '*', + } + }) + .collect::<String>() } serde_json::Value::Object({ @@ -475,9 +484,9 @@ make_config! { /// service is set, an icon request to Vaultwarden will return an HTTP redirect to the /// corresponding icon at the external service. icon_service: String, false, def, "internal".to_string(); - /// Internal + /// _icon_service_url _icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service); - /// Internal + /// _icon_service_csp _icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url); /// Icon redirect code |> The HTTP status code to use for redirects to an external icon service. /// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent). @@ -613,7 +622,7 @@ make_config! { helo_name: String, true, option; /// Embed images as email attachments. smtp_embed_images: bool, true, def, true; - /// Internal + /// _smtp_img_src _smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain); /// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting! smtp_debug: bool, false, def, false; |