Subject: | Dancer::Error::dumper makes a shallow copy |
Hi Dancer author(s), thanks for Dancer!
Found a nasty bug:
The Dancer::Error::dumper makes a shallow copy of the
Dancer::Config->settings hash. After a runtime error, secret
configuration values below the first level, are overriden with:
"Hidden (looks potentially sensitive)"
E.g. I've a config.yml similar to:
layout: "uulm"
logger: "file"
appname: "webcap"
session: "YAML"
session_name: "webcap.session"
authen_simple:
module: "RADIUS"
options:
host: "my.radius.server"
secret: "very_secret"
port: 1812
Runtime errors are catched, but later connections to the radius server
are failing du to the overridden RADIUS secret. That's a tricky, hidden
and nasty bug. Took my 5h to find it. Would be great if you could fix
this problem.
Thanks in advance, Charly