From 89a88cfcb8744da93c98f00a7576ab8115373a07 Mon Sep 17 00:00:00 2001
From: "Barry vd. Heuvel" <barryvdh@gmail.com>
Date: Wed, 9 Sep 2015 10:29:51 +0200
Subject: [PATCH] Remove sensitive info from headers

---
 src/DataCollector/SymfonyRequestCollector.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/DataCollector/SymfonyRequestCollector.php b/src/DataCollector/SymfonyRequestCollector.php
index dfdd95e4..2880bf05 100644
--- a/src/DataCollector/SymfonyRequestCollector.php
+++ b/src/DataCollector/SymfonyRequestCollector.php
@@ -109,6 +109,12 @@ public function collect()
             $data['session_attributes'] = $sessionAttributes;
         }
 
+        foreach ($data['request_server'] as $key => $value) {
+            if (str_is('*_KEY', $key) || str_is('*_PASSWORD', $key) || str_is('*_SECRET', $key)) {
+                $data['request_server'][$key] = '******';
+            }
+        }
+
         if (isset($data['request_headers']['php-auth-pw'])) {
             $data['request_headers']['php-auth-pw'] = '******';
         }