From b014d949d7a294068dfe2367faee8f2006ec22af Mon Sep 17 00:00:00 2001
From: Kelly Washington <kelly@lindenlab.com>
Date: Thu, 25 Oct 2012 10:53:58 -0700
Subject: MAINT-1275 [SECURITY] Web session tokens saved in SecondLife.log
 reviewed with Simon

---
 indra/newview/llviewermedia.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'indra/newview')

diff --git a/indra/newview/llviewermedia.cpp b/indra/newview/llviewermedia.cpp
index 1eb4bedfaf..ec48fa553b 100644
--- a/indra/newview/llviewermedia.cpp
+++ b/indra/newview/llviewermedia.cpp
@@ -316,9 +316,13 @@ public:
 	/* virtual */ void completedHeader(U32 status, const std::string& reason, const LLSD& content)
 	{
 		LL_WARNS("MediaAuth") << "status = " << status << ", reason = " << reason << LL_ENDL;
-		LL_WARNS("MediaAuth") << content << LL_ENDL;
+
+		LLSD stripped_content = content;
+		stripped_content.erase("set-cookie");
+		LL_WARNS("MediaAuth") << stripped_content << LL_ENDL;
 
 		std::string cookie = content["set-cookie"].asString();
+		LL_DEBUGS("MediaAuth") << "cookie = " << cookie << LL_ENDL;
 
 		LLViewerMedia::getCookieStore()->setCookiesFromHost(cookie, mHost);
 
-- 
cgit v1.2.3