fix: mask sensitive API keys in /api/config response#633
Open
mango766 wants to merge 1 commit into666ghj:mainfrom
Open
fix: mask sensitive API keys in /api/config response#633mango766 wants to merge 1 commit into666ghj:mainfrom
mango766 wants to merge 1 commit into666ghj:mainfrom
Conversation
The GET /api/config endpoint was returning all configuration values in plaintext, including API keys and passwords. This meant anyone with network access could read every secret stored in the config. Add helper functions that identify sensitive keys (those containing API_KEY, SECRET, or PASSWORD) and replace their values with a masked form that only shows the last 4 characters (e.g. "***abcd"). The POST endpoint response is also masked so secrets are never leaked in any config API response. Co-Authored-By: Claude (claude-opus-4-6) <noreply@anthropic.com>
dosubot
bot
added
the
size:M
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #632, related to #620
The
/api/configGET endpoint currently returns API keys in plaintext. This masks sensitive config values (anything containingAPI_KEY,SECRET, orPASSWORD) in the response, showing only the last 4 characters.This way the frontend can still indicate whether a key is configured, without exposing the actual value to anyone with network access.
Changes:
/api/confignow returns masked values for sensitive fields/api/configresponse is also masked (the write itself still accepts full values)