fix: password leakage vulnerability caused by pagination (#527)

* fix: password leakage vulnerability caused by pagination Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: unsafe get-app-login response fields Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
2025-07-02 03:00:18 +08:00 · 2022-03-02 20:58:16 +08:00
parent 2a0dcd746f
commit 83a6b757a4
3 changed files with 16 additions and 1 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -118,6 +118,7 @@ func (c *ApiController) GetApplicationLogin() {
 	state := c.Input().Get("state")

 	msg, application := object.CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
+	application = object.GetMaskedApplication(application, "")
 	if msg != "" {
 		c.ResponseError(msg, application)
 	} else {