
Avoid feed credentials in logs (#1949)

* Avoid feed credentials in logs

Related to https://github.com/FreshRSS/FreshRSS/pull/1891

* Changelog 1949
Alexandre Alapetite 7 лет назад
Родитель
Сommit
99dfdbc10d
4 измененных файлов с 15 добавлено и 14 удалено
  1. 2 0
      CHANGELOG.md
  2. 1 1
      app/Controllers/entryController.php
  3. 10 11
      app/Controllers/feedController.php
  4. 2 2
      app/Models/Feed.php

+ 2 - 0
CHANGELOG.md

@@ -7,6 +7,8 @@
 * Bug fixing
 	* Fix bugs when searching with special characters (e.g. preventing marking as read) [#1944](https://github.com/FreshRSS/FreshRSS/issues/1944)
 	* Fix username check in API to allow underscores [#1955](https://github.com/FreshRSS/FreshRSS/issues/1955)
+* Security
+	* Avoid feed credentials in logs [#1949](https://github.com/FreshRSS/FreshRSS/pull/1949)
 * Mics.
 	* Auto-login after self user creation [#1928](https://github.com/FreshRSS/FreshRSS/issues/1928)
 

+ 1 - 1
app/Controllers/entryController.php

@@ -186,7 +186,7 @@ class FreshRSS_entry_Controller extends Minz_ActionController {
 				$nb = $entryDAO->cleanOldEntries($feed->id(), $date_min, $feed_history);
 				if ($nb > 0) {
 					$nb_total += $nb;
-					Minz_Log::debug($nb . ' old entries cleaned in feed [' . $feed->url() . ']');
+					Minz_Log::debug($nb . ' old entries cleaned in feed [' . $feed->url(false) . ']');
 				}
 			}
 		}

+ 10 - 11
app/Controllers/feedController.php

@@ -295,12 +295,12 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 				if ($feed->lastUpdate() + 10 >= $mtime) {
 					continue;	//Nothing newer from other users
 				}
-				//Minz_Log::debug($feed->url() . ' was updated at ' . date('c', $mtime) . ' by another user');
+				//Minz_Log::debug($feed->url(false) . ' was updated at ' . date('c', $mtime) . ' by another user');
 				//Will take advantage of the newer cache
 			}
 
 			if (!$feed->lock()) {
-				Minz_Log::notice('Feed already being actualized: ' . $feed->url());
+				Minz_Log::notice('Feed already being actualized: ' . $feed->url(false));
 				continue;
 			}
 
@@ -351,7 +351,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 							//This entry already exists and is unchanged. TODO: Remove the test with the zero'ed hash in FreshRSS v1.3
 							$oldGuids[] = $entry->guid();
 						} else {	//This entry already exists but has been updated
-							//Minz_Log::debug('Entry with GUID `' . $entry->guid() . '` updated in feed ' . $feed->url() .
+							//Minz_Log::debug('Entry with GUID `' . $entry->guid() . '` updated in feed ' . $feed->url(false) .
 								//', old hash ' . $existingHash . ', new hash ' . $entry->hash());
 							$mark_updated_article_unread = $feed->attributes('mark_updated_article_unread') !== null ? (
 									$feed->attributes('mark_updated_article_unread')
@@ -425,8 +425,7 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 				                                max($feed_history, count($entries) + 10));
 				if ($nb > 0) {
 					$needFeedCacheRefresh = true;
-					Minz_Log::debug($nb . ' old entries cleaned in feed [' .
-					                $feed->url() . ']');
+					Minz_Log::debug($nb . ' old entries cleaned in feed [' . $feed->url(false) . ']');
 				}
 			}
 
@@ -442,25 +441,25 @@ class FreshRSS_feed_Controller extends Minz_ActionController {
 				if ($feed->selfUrl() !== $url) {	//https://code.google.com/p/pubsubhubbub/wiki/MovingFeedsOrChangingHubs
 					$selfUrl = checkUrl($feed->selfUrl());
 					if ($selfUrl) {
-						Minz_Log::debug('PubSubHubbub unsubscribe ' . $feed->url());
+						Minz_Log::debug('PubSubHubbub unsubscribe ' . $feed->url(false));
 						if (!$feed->pubSubHubbubSubscribe(false)) {	//Unsubscribe
-							Minz_Log::warning('Error while PubSubHubbub unsubscribing from ' . $feed->url());
+							Minz_Log::warning('Error while PubSubHubbub unsubscribing from ' . $feed->url(false));
 						}
 						$feed->_url($selfUrl, false);
-						Minz_Log::notice('Feed ' . $url . ' canonical address moved to ' . $feed->url());
+						Minz_Log::notice('Feed ' . $url . ' canonical address moved to ' . $feed->url(false));
 						$feedDAO->updateFeed($feed->id(), array('url' => $feed->url()));
 					}
 				}
 			} elseif ($feed->url() !== $url) {	// HTTP 301 Moved Permanently
-				Minz_Log::notice('Feed ' . $url . ' moved permanently to ' . $feed->url());
+				Minz_Log::notice('Feed ' . $url . ' moved permanently to ' . $feed->url(false));
 				$feedDAO->updateFeed($feed->id(), array('url' => $feed->url()));
 			}
 
 			$feed->faviconPrepare();
 			if ($pubsubhubbubEnabledGeneral && $feed->pubSubHubbubPrepare()) {
-				Minz_Log::notice('PubSubHubbub subscribe ' . $feed->url());
+				Minz_Log::notice('PubSubHubbub subscribe ' . $feed->url(false));
 				if (!$feed->pubSubHubbubSubscribe(true)) {	//Subscribe
-					Minz_Log::warning('Error while PubSubHubbub subscribing to ' . $feed->url());
+					Minz_Log::warning('Error while PubSubHubbub subscribing to ' . $feed->url(false));
 				}
 			}
 			$feed->unlock();
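Review bot: The two "moved" notices in this hunk still concatenate the raw `$url` into the log line, so only the new address is redacted. `$url` is assigned outside the hunk; if it was captured from `$feed->url()` before the fetch, as the comparisons `$feed->selfUrl() !== $url` and `$feed->url() !== $url` suggest, the old address is written with its credentials intact. Both lines should redact it the same way, e.g. `Minz_Log::notice('Feed ' . SimplePie_Misc::url_remove_credentials($url) . ' canonical address moved to ' . $feed->url(false));` and `Minz_Log::notice('Feed ' . SimplePie_Misc::url_remove_credentials($url) . ' moved permanently to ' . $feed->url(false));`. The `updateFeed()` calls correctly keep the full `$feed->url()`, since the stored URL needs the credentials to fetch the feed. The enclosing method starts and ends outside this hunk.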

+ 2 - 2
app/Models/Feed.php

@@ -59,8 +59,8 @@ class FreshRSS_Feed extends Minz_Model {
 		return $this->hash;
 	}
 
-	public function url() {
-		return $this->url;
+	public function url($includeCredentials = true) {
+		return $includeCredentials ? $this->url : SimplePie_Misc::url_remove_credentials($this->url);
 	}
 	public function selfUrl() {
 		return $this->selfUrl;
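Review bot: The new `$includeCredentials` parameter of `url()` defaults to `true`, so any log or display call that is not switched to `url(false)`, now or in later code, still emits the credentials embedded in the feed URL, and the method has no doc comment saying so. I would add above it `/** @param bool $includeCredentials false to strip embedded credentials, e.g. for logs and display */` so callers know which form to use. The body of `SimplePie_Misc::url_remove_credentials()` is not visible here; if it removes only the `user:pass@` part, secrets carried in the query string would presumably still reach the logs, which is worth stating in that comment. The class body continues outside this hunk.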