Increase privacy of masked config

This changes the masking function to hide a bit more information from
the generated support string. It will still keep showing the `://` for
example, and `,`, but other characters will be hidden.

Also did some small changes on some key's which all showed up as
`Internal` on the Settings page.

Fixes #2929
This commit is contained in:
BlackDex 2022-12-08 13:35:53 +01:00
parent b7c9a346c1
commit 4a85dd2480
No known key found for this signature in database
GPG Key ID: 58C80A2AA6C765E1
1 changed files with 20 additions and 11 deletions

View File

@ -232,14 +232,23 @@ macro_rules! make_config {
/// We map over the string and remove all alphanumeric, _ and - characters. /// We map over the string and remove all alphanumeric, _ and - characters.
/// This is the fastest way (within micro-seconds) instead of using a regex (which takes mili-seconds) /// This is the fastest way (within micro-seconds) instead of using a regex (which takes mili-seconds)
fn _privacy_mask(value: &str) -> String { fn _privacy_mask(value: &str) -> String {
value.chars().map(|c| let mut n: u16 = 0;
let mut colon_match = false;
value
.chars()
.map(|c| {
n += 1;
match c { match c {
c if c.is_alphanumeric() => '*', ':' if n <= 11 => {
'_' => '*', colon_match = true;
'-' => '*', c
_ => c
} }
).collect::<String>() '/' if n <= 13 && colon_match => c,
',' => c,
_ => '*',
}
})
.collect::<String>()
} }
serde_json::Value::Object({ serde_json::Value::Object({
@ -475,9 +484,9 @@ make_config! {
/// service is set, an icon request to Vaultwarden will return an HTTP redirect to the /// service is set, an icon request to Vaultwarden will return an HTTP redirect to the
/// corresponding icon at the external service. /// corresponding icon at the external service.
icon_service: String, false, def, "internal".to_string(); icon_service: String, false, def, "internal".to_string();
/// Internal /// _icon_service_url
_icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service); _icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service);
/// Internal /// _icon_service_csp
_icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url); _icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url);
/// Icon redirect code |> The HTTP status code to use for redirects to an external icon service. /// Icon redirect code |> The HTTP status code to use for redirects to an external icon service.
/// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent). /// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent).
@ -613,7 +622,7 @@ make_config! {
helo_name: String, true, option; helo_name: String, true, option;
/// Embed images as email attachments. /// Embed images as email attachments.
smtp_embed_images: bool, true, def, true; smtp_embed_images: bool, true, def, true;
/// Internal /// _smtp_img_src
_smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain); _smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain);
/// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting! /// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting!
smtp_debug: bool, false, def, false; smtp_debug: bool, false, def, false;