password displayed with new yahoo login code
Ka-Hing Cheung
khc at hxbc.us
Thu Apr 30 01:18:50 EDT 2009
On Thu, 2009-04-30 at 10:36 +0530, Sulabh Mahajan wrote:
> purple_util_fetch_url_request() used to access the url, has the
> following debug line which prints the password in the log,
>
> purple_debug_info("util",
> "requested to fetch (%s), full=%d, user_agent=(%s),
> http11=%d\n",
> url, full, user_agent?user_agent:"(null)", http11);
>
>
> What should be our course of action to prevent showing the password in
> the debug log?
I suggest stripping the param string and only log the location part.
-khc
More information about the Devel
mailing list