Sanitize track URLs before logging? #2051
Labels
A-core
Area: Core layer
C-enhancement
Category: A PR with an enhancement or an issue with an enhancement proposal
mopidy/mopidy-spotify#110 (comment) made me realize that we should probably strip out any auth info in URLs we log. I don't think we can ensure that plugins don't screw this up, but we should probably make sure core does it's part. One option that comes to mind is having a dedicated type that also does this sanitation when
__str__
is used on it, forcing the cases where we want to true value to call some other method.The text was updated successfully, but these errors were encountered: