Call toString() even if objects do not implement lang.Value

xp-framework / core

The XP Framework is an all-purpose, object oriented PHP framework.

Other

19 stars 6 forks source link

Call toString() even if objects do not implement lang.Value #313

Closed thekid closed 7 months ago

thekid commented 2 years ago

Idea based on #312, however, I disagree that this is an information disclosure problem. Secret values should use the util.Secret class, see https://github.com/xp-framework/core/issues/312#issuecomment-1215324522

thekid commented 2 years ago

In addition to XP core's 4'221 unittests, all 13'885 XP libraries' tests also pass with this change - the behavioral change doesn't have any impact here (although I'll admit I don't always test string representations thorougly...)