Bug 1137459 - Avoid sensitive information in the FxA logs. r=ckarlof, a=lmandel
authorMark Hammond <mhammond@skippinet.com.au>
Mon, 02 Mar 2015 10:02:13 +1100
changeset 250256 e969067d440d
parent 250255 bd0696c04755
child 250257 50aed8247f5c
push id4527
push userryanvm@gmail.com
push date2015-03-05 16:09 +0000
treeherdermozilla-beta@00bad6e2ffbc [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersckarlof, lmandel
bugs1137459
milestone37.0
Bug 1137459 - Avoid sensitive information in the FxA logs. r=ckarlof, a=lmandel
services/fxaccounts/FxAccounts.jsm
--- a/services/fxaccounts/FxAccounts.jsm
+++ b/services/fxaccounts/FxAccounts.jsm
@@ -739,17 +739,21 @@ FxAccountsInternal.prototype = {
         if (data && !this.isUserEmailVerified(data)) {
           this.pollEmailStatus(currentState, data.sessionToken, "start");
         }
         return data;
       });
   },
 
   startVerifiedCheck: function(data) {
-    log.debug("startVerifiedCheck " + JSON.stringify(data));
+    log.debug("startVerifiedCheck", data && data.verified);
+    if (logPII) {
+      log.debug("startVerifiedCheck with user data", data);
+    }
+
     // Get us to the verified state, then get the keys. This returns a promise
     // that will fire when we are completely ready.
     //
     // Login is truly complete once keys have been fetched, so once getKeys()
     // obtains and stores kA and kB, it will fire the onverified observer
     // notification.
 
     // The callers of startVerifiedCheck never consume a returned promise (ie,