From 52a50e9adeb8520fca9d96d83cbc2d06cb3d4c91 Mon Sep 17 00:00:00 2001 From: "Helmut K. C. Tessarek" Date: Fri, 9 Dec 2022 16:31:40 -0500 Subject: [PATCH 1/2] Improve comments - The first one was not a proper sentence. - The second one mixed passive and active form in the secon d part of the sentence. --- .env.template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.template b/.env.template index 22877f15..7ccdacd3 100644 --- a/.env.template +++ b/.env.template @@ -83,11 +83,11 @@ ## Controls whether event logging is enabled for organizations ## This setting applies to organizations. -## Default this is disabled. Also check the EVENT_CLEANUP_SCHEDULE and EVENTS_DAYS_RETAIN settings. +## Disabled by default. Also check the EVENT_CLEANUP_SCHEDULE and EVENTS_DAYS_RETAIN settings. # ORG_EVENTS_ENABLED=false ## Number of days to retain events stored in the database. -## If unset (the default), events are kept indefently and also disables the scheduled job! +## If unset (the default), events are kept indefinitely and the scheduled job is disabled! # EVENTS_DAYS_RETAIN= ## Job scheduler settings From 7cc74dabaf5630667539dc4e9fce5183fa6abf0f Mon Sep 17 00:00:00 2001 From: BlackDex Date: Thu, 8 Dec 2022 13:35:53 +0100 Subject: [PATCH 2/2] Increase privacy of masked config This changes the masking function to hide a bit more information from the generated support string. It will still keep showing the `://` for example, and `,`, but other characters will be hidden. Also did some small changes on some key's which all showed up as `Internal` on the Settings page. Fixes #2929 --- src/config.rs | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/src/config.rs b/src/config.rs index eb776bb9..edf5bbfe 100644 --- a/src/config.rs +++ b/src/config.rs @@ -232,14 +232,23 @@ macro_rules! make_config { /// We map over the string and remove all alphanumeric, _ and - characters. /// This is the fastest way (within micro-seconds) instead of using a regex (which takes mili-seconds) fn _privacy_mask(value: &str) -> String { - value.chars().map(|c| - match c { - c if c.is_alphanumeric() => '*', - '_' => '*', - '-' => '*', - _ => c - } - ).collect::() + let mut n: u16 = 0; + let mut colon_match = false; + value + .chars() + .map(|c| { + n += 1; + match c { + ':' if n <= 11 => { + colon_match = true; + c + } + '/' if n <= 13 && colon_match => c, + ',' => c, + _ => '*', + } + }) + .collect::() } serde_json::Value::Object({ @@ -475,9 +484,9 @@ make_config! { /// service is set, an icon request to Vaultwarden will return an HTTP redirect to the /// corresponding icon at the external service. icon_service: String, false, def, "internal".to_string(); - /// Internal + /// _icon_service_url _icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service); - /// Internal + /// _icon_service_csp _icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url); /// Icon redirect code |> The HTTP status code to use for redirects to an external icon service. /// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent). @@ -613,7 +622,7 @@ make_config! { helo_name: String, true, option; /// Embed images as email attachments. smtp_embed_images: bool, true, def, true; - /// Internal + /// _smtp_img_src _smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain); /// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting! smtp_debug: bool, false, def, false;