diff --git a/src/UrlParams.ts b/src/UrlParams.ts index f4ea840de..773aa4121 100644 --- a/src/UrlParams.ts +++ b/src/UrlParams.ts @@ -19,6 +19,7 @@ import { Config } from "./config/Config"; import { type EncryptionSystem } from "./e2ee/sharedKeyManagement"; import { E2eeType } from "./e2ee/e2eeType"; import { platform } from "./Platform"; +import { redact } from "./utils/redact"; interface RoomIdentifier { roomAlias: string | null; @@ -494,7 +495,7 @@ export const computeUrlParams = (search = "", hash = ""): UrlParams => { "intent:", intent, "\nproperties:", - properties, + redact(properties, "password"), "configuration:", configuration, ); diff --git a/src/utils/redact.test.ts b/src/utils/redact.test.ts new file mode 100644 index 000000000..977b5ebc0 --- /dev/null +++ b/src/utils/redact.test.ts @@ -0,0 +1,58 @@ +/* +Copyright 2026 New Vector Ltd. + +SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial +Please see LICENSE in the repository root for full details. +*/ + +import { expect, test } from "vitest"; + +import { redact } from "./redact"; + +test("empty object", () => { + expect(redact({})).toEqual({}); +}); + +test("no keys", () => { + expect(redact({ foo: "bar" })).toEqual({ foo: "bar" }); +}); + +test("redact one key", () => { + expect(redact({ foo: "bar" }, "foo")).toEqual({ foo: "" }); +}); + +test("redact two keys", () => { + expect(redact({ foo: "bar", bar: "foo" }, "foo", "bar")).toEqual({ + foo: "", + bar: "", + }); +}); + +test("no redaction of unrelated keys", () => { + expect(redact({ foo: "bar", bar: "foo" }, "foo")).toEqual({ + foo: "", + bar: "foo", + }); +}); + +test("no redaction of missing keys", () => { + expect( + redact({ foo: "bar" } as { foo: string; bar: string | undefined }, "bar"), + ).toEqual({ + foo: "bar", + }); +}); + +test("no redaction of null values", () => { + expect(redact({ foo: "bar", bar: null }, "bar")).toEqual({ + foo: "bar", + bar: null, + }); +}); + +test("no redaction of undefined values", () => { + expect(redact({ foo: "bar", bar: undefined }, "bar")).toEqual({ + foo: "bar", + bar: undefined, + }); +}); diff --git a/src/utils/redact.ts b/src/utils/redact.ts new file mode 100644 index 000000000..9a3ea9090 --- /dev/null +++ b/src/utils/redact.ts @@ -0,0 +1,25 @@ +/* +Copyright 2026 New Vector Ltd. + +SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial +Please see LICENSE in the repository root for full details. +*/ + +/** + * Redacts properties in the supplied object by replacing them with + * a constant value. + * @param obj Object in which to perform redaction + * @param keys Keys to be redacted in the object + * @returns A new object with the specified properties redacted + */ +export function redact( + obj: T, + ...keys: (keyof T)[] +): Record { + const result: Record = { ...obj }; + for (const key of keys) + if (key in result && result[key] != null) { + result[key] = ""; + } + return result; +}