NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: Jane on December 24, 2022, 06:56:40 PM

Title: Hiding password (etc) in web server log
Post by: Jane on December 24, 2022, 06:56:40 PM: Grinchly Greetings, Obi Wan!

I was interested in the solution you worked out for masking passwords in the web server log display during this week's webinar.

What you showed mostly works.

BUT? it still leaks passwords BEFORE they get to the AddLog section of code.
As soon as you move around in the log and then come back to the POST, the value has been masked by the code you added in AddLog. But initially it displays on the screen.

If there were an embed available in StartNewThread, before the ?web:LastPost is first displayed, that initial display of sensitive data could be avoided.

[Edited to add - would you add an embed before that DISPLAY statement ? ]

Of course, that requires running the filtering code twice :-\

Holiday Cheers,

Jane

SMF 2.0.19 | SMF © 2021, Simple Machines