VideoInfoScanner: Correctly redact URLs

CURL::GetRedacted does not work on decoded URLs since e.g. the password
part may include an encoded @ (%40) that in decoded form will confuse
the redaction and expose part of the password. Also, there is no
particularly strong reason to decode URLs for log messages here.
When matching the regular expressions, however, the URL must be decoded,
but the username/password details are not important, so redact them
before matching. Otherwise, they might get exposed during further
logging done on the decoded URLs.

0 files changed, 0 insertions, 0 deletions