fix: password leakage vulnerability caused by pagination (#527)

* fix: password leakage vulnerability caused by pagination Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: unsafe get-app-login response fields Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
2025-07-03 12:30:19 +08:00 · 2022-03-02 20:58:16 +08:00
parent 2a0dcd746f
commit 83a6b757a4
3 changed files with 16 additions and 1 deletions
--- a/object/application.go
+++ b/object/application.go
@ -217,7 +217,19 @@ func GetMaskedApplication(application *Application, userId string) *Application
 	if application.ClientSecret != "" {
 		application.ClientSecret = "***"
 	}
-	return application
+
+	if application.OrganizationObj != nil {
+		if application.OrganizationObj.MasterPassword != "" {
+			application.OrganizationObj.MasterPassword = "***"
+		}
+		if application.OrganizationObj.PasswordType != "" {
+			application.OrganizationObj.PasswordType = "***"
+		}
+		if application.OrganizationObj.PasswordSalt != "" {
+			application.OrganizationObj.PasswordSalt = "***"
+		}
+	}
+ 	return application
 }

 func GetMaskedApplications(applications []*Application, userId string) []*Application {