[TASK] Blind more configuration options per default

TYPO3 should blind sensitive configurations options, such as credentials or keys, by default, since the configuration module can usually be accessed by all admins. Integrators always have the possibility to adjust these settings using the modifyBlindedConfigurationOptions hook. Resolves: #93250 Releases: master, 10.4 Change-Id: I8eaefa7b166de54190cee2b4eac5e2dfc1513cc5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67366Tested-by: Christian Kuhn <lolli@schwarzbu.ch> Tested-by: TYPO3com <noreply@typo3.com> Tested-by: Guido Schmechel <guido.schmechel@brandung.de> Tested-by: Benni Mack <benni@typo3.org> Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch> Reviewed-by: Guido Schmechel <guido.schmechel@brandung.de> Reviewed-by: Benni Mack <benni@typo3.org>

[TASK] Blind more configuration options per default
TYPO3 should blind sensitive configurations options, such as credentials or keys, by default, since the configuration module can usually be accessed by all admins. Integrators always have the possibility to adjust these settings using the modifyBlindedConfigurationOptions hook. Resolves: #93250 Releases: master, 10.4 Change-Id: I8eaefa7b166de54190cee2b4eac5e2dfc1513cc5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67366Tested-by: Christian Kuhn <lolli@schwarzbu.ch> Tested-by: TYPO3com <noreply@typo3.com> Tested-by: Guido Schmechel <guido.schmechel@brandung.de> Tested-by: Benni Mack <benni@typo3.org> Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch> Reviewed-by: Guido Schmechel <guido.schmechel@brandung.de> Reviewed-by: Benni Mack <benni@typo3.org>
6854af87 · Oliver Bartsch · Benni Mack · 4bc56676 · 6854af87
Commit 6854af87 authored Jan 08, 2021 by Oliver Bartsch Committed by Benni Mack Jan 08, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 0 deletions

typo3/sysext/lowlevel/Classes/ConfigurationModuleProvider/GlobalVariableProvider.php ...es/ConfigurationModuleProvider/GlobalVariableProvider.php +13 -0

No files found.
--- a/typo3/sysext/lowlevel/Classes/ConfigurationModuleProvider/GlobalVariableProvider.php
+++ b/typo3/sysext/lowlevel/Classes/ConfigurationModuleProvider/GlobalVariableProvider.php
@@ -30,6 +30,9 @@ class GlobalVariableProvider extends AbstractProvider
     */
    protected array $blindedConfigurationOptions = [
        'TYPO3_CONF_VARS' => [
+            'BE' => [
+                'installToolPassword' => '******'
+            ],
            'DB' => [
                'database' => '******',
                'host' => '******',
@@ -48,6 +51,16 @@ class GlobalVariableProvider extends AbstractProvider
                    ],
                ],
            ],
+            'HTTP' => [
+                'cert' => '******',
+                'ssl_key' => '******'
+            ],
+            'MAIL' => [
+                'transport_smtp_encrypt' => '******',
+                'transport_smtp_password' => '******',
+                'transport_smtp_server' => '******',
+                'transport_smtp_username' => '******',
+            ],
            'SYS' => [
                'encryptionKey' => '******'
            ],