Browse Source

Qt/RPCConsole: Don't store commands with potentially sensitive information in the history

Filters importprivkey, signrawtransaction, walletpassphrase, walletpassphrasechange, and encryptwallet
0.14
Jonas Schnelli 10 years ago committed by Luke Dashjr
parent
commit
9044908636
  1. 19
      src/qt/rpcconsole.cpp
  2. 1
      src/qt/rpcconsole.h

19
src/qt/rpcconsole.cpp

@ -63,6 +63,14 @@ const struct { @@ -63,6 +63,14 @@ const struct {
{NULL, NULL}
};
// don't add private key handling cmd's to the history
const QStringList RPCConsole::historyFilter = QStringList()
<< "importprivkey"
<< "signrawtransaction"
<< "walletpassphrase"
<< "walletpassphrasechange"
<< "encryptwallet";
/* Object for executing console RPC commands in a separate thread.
*/
class RPCExecutor : public QObject
@ -755,6 +763,16 @@ void RPCConsole::on_lineEdit_returnPressed() @@ -755,6 +763,16 @@ void RPCConsole::on_lineEdit_returnPressed()
message(CMD_REQUEST, cmd);
Q_EMIT cmdRequest(cmd);
bool storeHistory = true;
Q_FOREACH(QString unallowedCmd, historyFilter)
{
if (cmd.trimmed().startsWith(unallowedCmd))
storeHistory = false; break;
}
if (storeHistory)
{
// Remove command, if already in history
history.removeOne(cmd);
// Append command to history
@ -764,6 +782,7 @@ void RPCConsole::on_lineEdit_returnPressed() @@ -764,6 +782,7 @@ void RPCConsole::on_lineEdit_returnPressed()
history.removeFirst();
// Set pointer to end of history
historyPtr = history.size();
}
// Scroll console view to end
scrollToEnd();
}

1
src/qt/rpcconsole.h

@ -140,6 +140,7 @@ private: @@ -140,6 +140,7 @@ private:
ClientModel *clientModel;
QStringList history;
int historyPtr;
const static QStringList historyFilter;
QString cmdBeforeBrowsing;
QList<NodeId> cachedNodeids;
const PlatformStyle *platformStyle;

Loading…
Cancel
Save