From 15bb71764e7820a9df4ad5cd5b13963bc90fd6ad Mon Sep 17 00:00:00 2001 From: Nick Grimshaw Date: Mon, 14 Apr 2025 18:08:32 +0100 Subject: [PATCH] =?UTF-8?q?Redact=20HTTP=20credentials=20from=20"Syncing?= =?UTF-8?q?=E2=80=A6"=20message=20(#3846)=20(#3847)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/commands/CmdSync.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/commands/CmdSync.cpp b/src/commands/CmdSync.cpp index c0fa93c36..15e07469d 100644 --- a/src/commands/CmdSync.cpp +++ b/src/commands/CmdSync.cpp @@ -36,6 +36,7 @@ #include #include +#include #include //////////////////////////////////////////////////////////////////////////////// @@ -78,6 +79,10 @@ int CmdSync::execute(std::string& output) { out << "sync.server.origin is deprecated. Use sync.server.url instead.\n"; } + // redact credentials from `server_url`, if present + std::regex remove_creds_regex("^(https?://.+):(.+)@(.+)"); + std::string safe_server_url = std::regex_replace(server_url, remove_creds_regex, "$1:****@$3"); + if (server_dir != "") { if (verbose) { out << format("Syncing with {1}", server_dir) << '\n'; @@ -144,7 +149,7 @@ int CmdSync::execute(std::string& output) { throw std::string("sync.server.client_id and sync.encryption_secret are required"); } if (verbose) { - out << format("Syncing with sync server at {1}", server_url) << '\n'; + out << format("Syncing with sync server at {1}", safe_server_url) << '\n'; } replica->sync_to_remote(server_url, tc::uuid_from_string(client_id), encryption_secret, avoid_snapshots);