SensitiveParameter 属性
(PHP 8 >= 8.2.0)
简介
该注解用于标记敏感参数,如果出现在栈跟踪中,则应编辑其值。
类摘要
示例
<?php
function defaultBehavior(
string $secret,
string $normal
) {
throw new Exception('Error!');
}
function sensitiveParametersWithAttribute(
#[\SensitiveParameter]
string $secret,
string $normal
) {
throw new Exception('Error!');
}
try {
defaultBehavior('password', 'normal');
} catch (Exception $e) {
echo $e, PHP_EOL, PHP_EOL;
}
try {
sensitiveParametersWithAttribute('password', 'normal');
} catch (Exception $e) {
echo $e, PHP_EOL, PHP_EOL;
}
?>上述示例在 PHP 8.2 中的输出类似于:
Exception: Error! in example.php:7
Stack trace:
#0 example.php(19): defaultBehavior('password', 'normal')
#1 {main}
Exception: Error! in example.php:15
Stack trace:
#0 example.php(25): sensitiveParametersWithAttribute(Object(SensitiveParameterValue), 'normal')
#1 {main}
目录
- SensitiveParameter::__construct — Construct a new SensitiveParameter attribute instance
+添加备注
用户贡献的备注 1 note
miqrogroove at gmail dot com ¶
1 month ago
Beware this attribute does nothing on object interfaces and will permit password exposure when used incorrectly.
<?php
interface Server
{
public function connect(
#[\SensitiveParameter]
string $password,
);
}
class TestServer implements Server
{
public function connect(
string $password,
) {
throw new Exception('Guess what?');
}
}
($var = new TestServer())->connect('wrl!L3=6O57T9?r');备份地址:http://www.lvesu.com/blog/php/class.sensitiveparameter.php