search

rhubarbgroup / redis-cache

A persistent object cache backend for WordPress powered by Redis. Supports Predis, PhpRedis, Relay, replication, sentinels, clustering and WP-CLI.
https://wordpress.org/plugins/redis-cache/
GNU General Public License v3.0
427 stars 149 forks source link

remove visible passwords from overview and diagnostics when passing passwords via connection string #439

Closed dustinrue closed 1 year ago

dustinrue commented 1 year ago

In my situation, I am using Redis with Sentinel option enabled in Kubernetes. All sentinels (and Redis) are available at an internal service of "redis" and it is only necessary to define the single instance. However, when using Redis Sentinel, where the sentinel requires a password, the password may be passed via the configuration like this:

define( 'WP_REDIS_SERVERS', [
  'redis:26379/?password=sentinel-password'
] );

This information is then visible on the overview and diagnostics screen. This PR redacts the information before display. I did not create an associated "Issue" however.

tillkruss commented 1 year ago

Superseded by 302e7de8a8f90c69c59505fa1a828e3b7aa28045. @dustinrue: LMK if that works for you.