From d2d232135b29362fb0071d40814766bb5ee5fa10 Mon Sep 17 00:00:00 2001
From: fdrab
Date: Tue, 22 Jul 2025 17:09:04 +0200
Subject: [PATCH 1/2] sanitize preview when handling secret parameters
---
 apps/st2-actions/actions-details.component.js | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/apps/st2-actions/actions-details.component.js b/apps/st2-actions/actions-details.component.js
index 84a3df31f..230211d69 100644
--- a/apps/st2-actions/actions-details.component.js
+++ b/apps/st2-actions/actions-details.component.js
@@ -17,6 +17,7 @@ import React from 'react';
 import { PropTypes } from 'prop-types';
 import { connect } from 'react-redux';
 import store from './store';
+import _ from 'lodash';
 import api from '@stackstorm/module-api';
 import notification from '@stackstorm/module-notification';
@@ -270,6 +271,16 @@ export default class ActionsDetails extends React.Component {
 this.setState({ runPreview });
 }
+ sanitizePreview(code) {
+ return _.mapValues(code, (value, key) => {
+ if (value && this.props.action.parameters[key] && this.props.action.parameters[key].secret) {
+ return '*'.repeat(value.length);
+ }
+
+ return value;
+ });
+ }
+
 handleToggleExecution(id) {
 this.setState({
 executionsVisible: {
@@ -477,7 +488,7 @@ export default class ActionsDetails extends React.Component {
 ) : null }
- { this.state.runPreview && }
+ { this.state.runPreview && }
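Review bot: In `sanitizePreview` the mask is built with `'*'.repeat(value.length)`, so the preview still discloses the exact length of every string secret, while a number or boolean secret has no `length` and collapses to an empty string. The `value &&` guard also lets falsy secrets such as `0` or `false` through unmasked. A fixed-width mask behind a null-only check avoids both: `if (value != null && _.get(this.props.action, ['parameters', key, 'secret'])) { return '********'; }`, and the `_.get` form also tolerates an action that has no `parameters` object. Only top-level keys are consulted, so if a parameter schema can mark nested properties as secret (not visible in this hunk) those values would still be rendered; a short doc comment stating that the masking is display-only and top-level would make that limit explicit.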
From 0c1a30c1b41dba1444f88dc0df29766a04ce8abf Mon Sep 17 00:00:00 2001
From: fdrab
Date: Fri, 1 Aug 2025 16:36:18 +0200
Subject: [PATCH 2/2] adding changelog entry
---
 CHANGELOG.rst | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 4e7b4fe1b..45d911454 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,10 @@ in development
 Changed
 ~~~~~~~
+* Re-introduced preview sanitization for secrets. #1005
+
+ Contributed by @fdrab
+
 * Updated various dependencies (security). #1009, #1020
 Contributed by @enykeev