Commit 6854af87 authored by Oliver Bartsch's avatar Oliver Bartsch Committed by Benni Mack

[TASK] Blind more configuration options per default

TYPO3 should blind sensitive configurations options, such
as credentials or keys, by default, since the configuration
module can usually be accessed by all admins.

Integrators always have the possibility to adjust these
settings using the modifyBlindedConfigurationOptions
hook.

Resolves: #93250
Releases: master, 10.4
Change-Id: I8eaefa7b166de54190cee2b4eac5e2dfc1513cc5
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67366Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Tested-by: default avatarTYPO3com <noreply@typo3.com>
Tested-by: default avatarGuido Schmechel <guido.schmechel@brandung.de>
Tested-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: default avatarGuido Schmechel <guido.schmechel@brandung.de>
Reviewed-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
parent 4bc56676
...@@ -30,6 +30,9 @@ class GlobalVariableProvider extends AbstractProvider ...@@ -30,6 +30,9 @@ class GlobalVariableProvider extends AbstractProvider
*/ */
protected array $blindedConfigurationOptions = [ protected array $blindedConfigurationOptions = [
'TYPO3_CONF_VARS' => [ 'TYPO3_CONF_VARS' => [
'BE' => [
'installToolPassword' => '******'
],
'DB' => [ 'DB' => [
'database' => '******', 'database' => '******',
'host' => '******', 'host' => '******',
...@@ -48,6 +51,16 @@ class GlobalVariableProvider extends AbstractProvider ...@@ -48,6 +51,16 @@ class GlobalVariableProvider extends AbstractProvider
], ],
], ],
], ],
'HTTP' => [
'cert' => '******',
'ssl_key' => '******'
],
'MAIL' => [
'transport_smtp_encrypt' => '******',
'transport_smtp_password' => '******',
'transport_smtp_server' => '******',
'transport_smtp_username' => '******',
],
'SYS' => [ 'SYS' => [
'encryptionKey' => '******' 'encryptionKey' => '******'
], ],
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment