Make sure on render exception no content is leaked in log

In production builds. For internal builds, still allow it.
Note: upstream may have been leaking content here as well.

Change-Id: I1b07778d70dfddb151bf97b60482e38aeb01c26e
This commit is contained in:
SpiritCroc 2023-09-05 22:44:39 +02:00
parent b3d5d8d5f7
commit 2e6fcad79f
3 changed files with 20 additions and 7 deletions

View file

@ -16,6 +16,8 @@
package im.vector.app.core.resources
import im.vector.app.BuildConfig
data class BuildMeta(
val isDebug: Boolean,
val applicationId: String,
@ -26,4 +28,6 @@ data class BuildMeta(
val gitBranchName: String,
val flavorDescription: String,
val flavorShortDescription: String,
)
) {
val isInternalBuild: Boolean = BuildConfig.DEBUG || gitBranchName == "sm_fdroid"
}

View file

@ -45,6 +45,7 @@ import com.bumptech.glide.load.resource.bitmap.TransformationUtils
import com.bumptech.glide.request.target.Target
import im.vector.app.R
import im.vector.app.core.di.ActiveSessionHolder
import im.vector.app.core.resources.BuildMeta
import im.vector.app.core.resources.ColorProvider
import im.vector.app.core.utils.DimensionConverter
import im.vector.app.features.settings.VectorPreferences
@ -86,6 +87,7 @@ class EventHtmlRenderer @Inject constructor(
private val dimensionConverter: DimensionConverter,
private val vectorPreferences: VectorPreferences,
private val activeSessionHolder: ActiveSessionHolder,
private val buildMeta: BuildMeta,
) {
companion object {
@ -381,11 +383,20 @@ class EventHtmlRenderer @Inject constructor(
val parsed = markwon.parse(text)
renderAndProcess(parsed, postProcessors)
} catch (failure: Throwable) {
Timber.v(failure, "Fail to render $text to html")
Timber.v(failure, "Fail to render text ${text.redactIfNotDebug()} to html")
text
}
}
// Do not leak message content
fun String.redactIfNotDebug(): String {
return if (buildMeta.isInternalBuild) {
this
} else {
"(REDACTED)"
}
}
/**
* @param node the node you want to render
* @param postProcessors an optional array of post processor to add any span if needed
@ -394,7 +405,7 @@ class EventHtmlRenderer @Inject constructor(
return try {
renderAndProcess(node, postProcessors)
} catch (failure: Throwable) {
Timber.v(failure, "Fail to render $node to html")
Timber.v(failure, "Fail to render node ${node.toString().redactIfNotDebug()} to html")
return null
}
}

View file

@ -54,7 +54,7 @@ class BugReportActivity :
setupViews()
// Don't allow toggling this for internal builds... internal testers are well-known and may always be contacted!
views.bugReportButtonContactMe.isEnabled = !isInternalBuild()
views.bugReportButtonContactMe.isEnabled = !buildMeta.isInternalBuild
if (bugReporter.screenshot != null) {
views.bugReportScreenshotPreview.setImageBitmap(bugReporter.screenshot)
@ -136,10 +136,8 @@ class BugReportActivity :
}
}
private fun isInternalBuild(): Boolean = BuildConfig.DEBUG || buildMeta.gitBranchName == "sm_fdroid"
private fun minBugReportLength(): Int {
return if (isInternalBuild()) {
return if (buildMeta.isInternalBuild) {
2
} else {
10