dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SECURITY: API: Don't log "sensitive" parameters
[lhc/web/wiklou.git] / includes / api / ApiAuthManagerHelper.php
diff --git a/includes/api/ApiAuthManagerHelper.php b/includes/api/ApiAuthManagerHelper.php
index d037c36..8862cc7 100644 (file)
--- a/includes/api/ApiAuthManagerHelper.php
+++ b/includes/api/ApiAuthManagerHelper.php
@@ -169,6 +169,7 @@ class ApiAuthManagerHelper {
                $this->module->getMain()->markParamsUsed( array_keys( $data ) );
 
                if ( $sensitive ) {
+                       $this->module->getMain()->markParamsSensitive( array_keys( $sensitive ) );
                        $this->module->requirePostedParameters( array_keys( $sensitive ), 'noprefix' );
                }
 
Wiklou, le Wiki du Wiklou