# HG changeset patch # User John Bailey # Date 1245375045 0 # Node ID fb89c9f6e57a2813106c8e35cc4a7abf7686019e # Parent e4d738813cd86023dbd180264a8f4e32f52293a7 *** Plucked rev c1ede5faf776dc1cc966dabb42c1ef0dbaea31db (rekkanoryo@pidgin.im): Only log requested HTTP URL's when PURPLE_UNSAFE_DEBUG is set and change MSN to use PURPLE_UNSAFE_DEBUG instead of PURPLE_MSN_UNSAFE_DEBUG for consistency. Not logging URL's will prevent potential password disclosure for the Yahoo HTTP login method. diff -r e4d738813cd8 -r fb89c9f6e57a libpurple/protocols/msn/soap.c --- a/libpurple/protocols/msn/soap.c Fri Jun 19 01:18:18 2009 +0000 +++ b/libpurple/protocols/msn/soap.c Fri Jun 19 01:30:45 2009 +0000 @@ -80,7 +80,7 @@ conn->session = session; conn->host = g_strdup(host); conn->queue = g_queue_new(); - conn->unsafe_debug = g_getenv("PURPLE_MSN_UNSAFE_DEBUG") != NULL; + conn->unsafe_debug = g_getenv("PURPLE_UNSAFE_DEBUG") != NULL; return conn; } diff -r e4d738813cd8 -r fb89c9f6e57a libpurple/util.c --- a/libpurple/util.c Fri Jun 19 01:18:18 2009 +0000 +++ b/libpurple/util.c Fri Jun 19 01:30:45 2009 +0000 @@ -3966,7 +3966,10 @@ } } - purple_debug_misc("util", "Request: '%s'\n", gfud->request); + if(g_getenv("PURPLE_UNSAFE_DEBUG")) + purple_debug_misc("util", "Request: '%s'\n", gfud->request); + else + purple_debug_misc("util", "request constructed\n"); total_len = strlen(gfud->request); @@ -4069,9 +4072,12 @@ g_return_val_if_fail(url != NULL, NULL); g_return_val_if_fail(callback != NULL, NULL); - purple_debug_info("util", - "requested to fetch (%s), full=%d, user_agent=(%s), http11=%d\n", - url, full, user_agent?user_agent:"(null)", http11); + if(g_getenv("PURPLE_UNSAFE_DEBUG")) + purple_debug_info("util", + "requested to fetch (%s), full=%d, user_agent=(%s), http11=%d\n", + url, full, user_agent?user_agent:"(null)", http11); + else + purple_debug_info("util", "requesting to fetch a URL\n"); gfud = g_new0(PurpleUtilFetchUrlData, 1);