Closed dakujem closed 3 years ago
Two sections of BlueScreen were previously not properly scrubbed:
This includes, for example, the Cookie header, which can easily be used to hijack the session:
Cookie
The Cookie is plaintext-legible in the Headers section, while the $_COOKIE section right below gets properly scrubbed:
Headers
$_COOKIE
This PR fixes the issue.
Would you like me to create a second PR for the 2.x branch?
Thanks. I'll copy it to the 2.7 branch.
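The leak described in this thread, and one way to close it, as an added example (not code from this PR and not Tracy's API): a stand-alone scrubber that masks the raw `Cookie` header and other credential-bearing headers before they are rendered on an error page. The function names, the `*****` mask, the header list and the sample request are all assumptions made up for the illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers, not Tracy's API: mask secret-bearing request headers
// before an error page prints them.
const SENSITIVE_HEADERS = ['cookie', 'set-cookie', 'authorization', 'proxy-authorization'];
const MASK = '*****';

// $headers: header name => raw value; $keysToHide: extra secret header names.
function scrubHeaders(array $headers, array $keysToHide = []): array
{
    $hide = array_map('strtolower', array_merge(SENSITIVE_HEADERS, $keysToHide));
    $out = [];
    foreach ($headers as $name => $value) {
        $lower = strtolower((string) $name);
        if ($lower === 'cookie') {
            // Keep cookie names for debugging, drop every value.
            $out[$name] = scrubCookieHeader((string) $value);
        } elseif (in_array($lower, $hide, true)) {
            $out[$name] = MASK;
        } else {
            $out[$name] = $value;
        }
    }
    return $out;
}

// Turns "a=1; b=2" into "a=*****; b=*****".
function scrubCookieHeader(string $raw): string
{
    $pairs = [];
    foreach (explode(';', $raw) as $pair) {
        $pair = trim($pair);
        if ($pair !== '') {
            $pairs[] = explode('=', $pair, 2)[0] . '=' . MASK;
        }
    }
    return implode('; ', $pairs);
}

// Constructed sample request headers.
$headers = [
    'Host' => 'app.example.test',
    'Cookie' => 'PHPSESSID=0123456789abcdef; theme=dark',
    'Authorization' => 'Bearer constructed-token',
    'X-Api-Key' => 'constructed-key',
];
print_r(scrubHeaders($headers, ['X-Api-Key']));
```

Header names are matched case-insensitively because HTTP header names are case-insensitive, so a list keyed only on `Cookie` would miss `cookie` as sent by some clients.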