Timestamp:
02/03/2025 07:50:50 PM (3 months ago)
Author:
johnbillion
Message:

Security: Add the SensitiveParameter attribute to sensitive parameters.

Values passed to parameters with this attribute will be redacted if present in a stack trace when using PHP 8.2 or later. This reduces the chance that passwords and security keys get accidentally exposed in debug logs and bug reports.

Props petitphp, TobiasBg, jrf, johnbillion.

Fixes #57304

File:
1 edited

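--- a/trunk/src/wp-includes/user.php
+++ b/trunk/src/wp-includes/user.php
@@ -151,5 +151,10 @@
  * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
-function wp_authenticate_username_password( $user, $username, $password ) {
+function wp_authenticate_username_password(
+    $user,
+    $username,
+    #[\SensitiveParameter]
+    $password
+) {
     if ( $user instanceof WP_User ) {
         return $user;
@@ -229,5 +234,10 @@
  * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
-function wp_authenticate_email_password( $user, $email, $password ) {
+function wp_authenticate_email_password(
+    $user,
+    $email,
+    #[\SensitiveParameter]
+    $password
+) {
     if ( $user instanceof WP_User ) {
         return $user;
@@ -302,5 +312,10 @@
  * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
-function wp_authenticate_cookie( $user, $username, $password ) {
+function wp_authenticate_cookie(
+    $user,
+    $username,
+    #[\SensitiveParameter]
+    $password
+) {
     global $auth_secure_cookie;
 
@@ -343,5 +358,10 @@
  *                               null is passed in and this isn't an API request.
  */
-function wp_authenticate_application_password( $input_user, $username, $password ) {
+function wp_authenticate_application_password(
+    $input_user,
+    $username,
+    #[\SensitiveParameter]
+    $password
+) {
     if ( $input_user instanceof WP_User ) {
         return $input_user;
@@ -2847,5 +2867,10 @@
  *                      be created.
  */
-function wp_create_user( $username, $password, $email = '' ) {
+function wp_create_user(
+    $username,
+    #[\SensitiveParameter]
+    $password,
+    $email = ''
+) {
     $user_login = wp_slash( $username );
     $user_email = wp_slash( $email );
@@ -3035,5 +3060,9 @@
  * @return WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys.
  */
-function check_password_reset_key( $key, $login ) {
+function check_password_reset_key(
+    #[\SensitiveParameter]
+    $key,
+    $login
+) {
     global $wp_hasher;
 
@@ -3372,5 +3401,9 @@
  * @param string  $new_pass New password for the user in plaintext
  */
-function reset_password( $user, $new_pass ) {
+function reset_password(
+    $user,
+    #[\SensitiveParameter]
+    $new_pass
+) {
     /**
      * Fires before the user's password is reset.
@@ -4933,5 +4966,9 @@
  * @return true|WP_Error True on success, WP_Error on failure.
  */
-function wp_validate_user_request_key( $request_id, $key ) {
+function wp_validate_user_request_key(
+    $request_id,
+    #[\SensitiveParameter]
+    $key
+) {
     global $wp_hasher;
 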
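Review bot: `#[\SensitiveParameter]` redacts a value only in the stack frame of the function that declares it, so the plaintext handed to the four `wp_authenticate_*` callbacks (first hunk onward) is still printed in the frame of whatever dispatches them — the upstream `authenticate` filter invocation — and in the frames of any helper they pass it down to, such as the hashing and verification routines, unless those declarations carry the attribute as well. The same limit applies to `reset_password`, whose body (outside the hunk) fires a `password_reset` action that appears to pass `$new_pass` on to each listener's frame, which core cannot annotate. A follow-up audit of the unannotated helpers on this path would close the gap, e.g. `function wp_check_password( #[\SensitiveParameter] $password, $hash, $user_id = '' )` if that declaration is not already annotated, along with a one-line docblock note on these functions such as `* Redacted from stack traces on PHP 8.2+ for this frame only; callers and callees must be annotated separately.` so readers do not assume end-to-end redaction.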