Comments (2)
You are indeed correct, all of the flow steps are redacted before being added to the revisions, by replacing all values found in the FLOWS_ENV_ALLOW_LIST
environment variables (values) with their redacted counterparts, that would lead to this problem. So in your case I would presume that your COMETCHAT_REGION
happens to be us
and you're exposing that to your flows (which is a totally valid use case).
I wonder if this is a valid use case / request for some FLOWS_ENV_DONT_REDACT
configuration?
I don't think this is easily fixable in the frontend, since we have the string --redacted:WHATEVER_ENV--
but don't know anything about the original.
To fix your problem, you can change your "Read organization user" operation key
to something that does not contain "us" and you should be fine!
I'm gonna leave this open, as I can see some problems arising with this redaction if the value is something like a
.
from directus.
Thanks for your response.
FLOWS_ENV_DONT_REDACT would be a great addition
I'm wondering what's the use case for redacting the operation key. What is a possible security concern?
from directus.
Related Issues (20)
- Incorrect variable scoping for `Displays To Summarize Relational Items` extension guide
- [Error] Could not load (plugin commonjs) - file watching crashing
- EXTENSIONS_AUTO_RELOAD feature does not work in Docker Container HOT 1
- Migration from 10.10.5 to 10.12.1 fails HOT 1
- Can't upload large files with S3 storage driver HOT 8
- Invalid foreign key on One-to-Many fields
- Many-to-Many (m2m) fields to not render translations properly without saving
- Include image extension when uploading images in preview URL & WYSIWYG content.
- Import of a JSON File with approx. 30.000 rows -> Failure Message "This file´s data structure does not match the collection." But after 1-2 hours datas are correctly imported.
- Updating Directus Version from 10.8 to 10.12 HOT 6
- Incorrect types infered for M2O/M2M relations in SDK for query filter
- Records with custom permission are not available in the API. HOT 2
- Numeric Fields for Labels Display - Configuration type problem
- Flows logs are not shown in flow sidebar HOT 1
- Flows - unable to use id/key in payload from Read Data operation HOT 1
- SDK type error on readItems when using 'datetime' literal HOT 3
- Make flow names & descriptions translatable
- The s3 file health-xxxxx generated by the health check was not cleared successfully HOT 3
- `items.read` doesn't seem to trigger every time
- Some operations are missing when querying via `/operations` endpoint HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from directus.