Open TMisiukiewicz opened 4 weeks ago
cc @mountiny
Current assignee @mountiny is eligible for the AutoAssignerNewDotQuality assigner, not assigning anyone new.
📣 @kyy23! 📣 Hey, it seems we don’t have your contributor details yet! You'll only have to do this once, and this is how we'll hire you on Upwork. Please follow these steps:
Contributor details
Your Expensify account email: <REPLACE EMAIL HERE>
Upwork Profile Link: <REPLACE LINK HERE>
Hello, TMisiukiewicz I can mask authToken and encryptedAuthToken automatically. please let me know if you allow me to do it.
Merged!
@muttmuure it appears that we haven't processed payment for this issue. Can you double check it? Thank you
Job added to Upwork: https://www.upwork.com/jobs/~021838166767638673695
Current assignee @hoangzinh is eligible for the External assigner, not assigning anyone new.
Invited
@muttmuure I haven't received the Upwork offer yet. Can you check it again? Thank you
Can you share your upwork profile?
Sent you in Slack @muttmuure
Problem
When exporting the Onyx state from the Troubleshoot section, sensitive information such as
authToken
andencryptedAuthToken
are not masked by default. These tokens remain exposed until the "Mask fragile user data" option is explicitly enabled. This could lead to a security vulnerability, as anyone with access to the exported state file could potentially view or misuse these tokens.Solution
To mitigate this risk, it should automatically mask
authToken
andencryptedAuthToken
regardless of whether the "Mask fragile user data" option is enabled.Upwork Automation - Do Not Edit
Issue Owner
Current Issue Owner: @Issue Owner
Current Issue Owner: @muttmuure