Bug 1137459 - Avoid sensitive information in the FxA logs. r=ckarlof, a=lmandel
authorMark Hammond <mhammond@skippinet.com.au>
Mon, 02 Mar 2015 10:02:13 +1100
changeset 249131 e969067d440dfaa0e8ca6a5becb2c481540f2935
parent 249130 bd0696c047551a1b998406e3408652b63d5adee3
child 249132 50aed8247f5c937b0ee32a7e3ac7a9d5b9002872
push id970
push userjryans@gmail.com
push dateTue, 10 Mar 2015 15:54:18 +0000
reviewersckarlof, lmandel
bugs1137459
milestone37.0
Bug 1137459 - Avoid sensitive information in the FxA logs. r=ckarlof, a=lmandel
services/fxaccounts/FxAccounts.jsm
--- a/services/fxaccounts/FxAccounts.jsm
+++ b/services/fxaccounts/FxAccounts.jsm
@@ -739,17 +739,21 @@ FxAccountsInternal.prototype = {
         if (data && !this.isUserEmailVerified(data)) {
           this.pollEmailStatus(currentState, data.sessionToken, "start");
         }
         return data;
       });
   },
 
   startVerifiedCheck: function(data) {
-    log.debug("startVerifiedCheck " + JSON.stringify(data));
+    log.debug("startVerifiedCheck", data && data.verified);
+    if (logPII) {
+      log.debug("startVerifiedCheck with user data", data);
+    }
+
     // Get us to the verified state, then get the keys. This returns a promise
     // that will fire when we are completely ready.
     //
     // Login is truly complete once keys have been fetched, so once getKeys()
     // obtains and stores kA and kB, it will fire the onverified observer
     // notification.
 
     // The callers of startVerifiedCheck never consume a returned promise (ie,