[wp-trac] [WordPress Trac] #57304: Add SensitiveParameter attribute to DB connection and login variables
WordPress Trac
noreply at wordpress.org
Mon Feb 3 19:51:07 UTC 2025
#57304: Add SensitiveParameter attribute to DB connection and login variables
-----------------------------+--------------------------
Reporter: TobiasBg | Owner: johnbillion
Type: enhancement | Status: closed
Priority: normal | Milestone: 6.8
Component: Security | Version:
Severity: normal | Resolution: fixed
Keywords: php82 has-patch | Focuses:
-----------------------------+--------------------------
Changes (by johnbillion):
* owner: (none) => johnbillion
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"59754" 59754]:
{{{
#!CommitTicketReference repository="" revision="59754"
Security: Add the `SensitiveParameter` attribute to sensitive parameters.
Values passed to parameters with this attribute will be redacted if
present in a stack trace when using PHP 8.2 or later. This reduces the
chance that passwords and security keys get accidentally exposed in debug
logs and bug reports.
Props petitphp, TobiasBg, jrf, johnbillion.
Fixes #57304
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/57304#comment:21>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list