From 743bb6bc73f5ade262c9979d045f731d4eac12b7 Mon Sep 17 00:00:00 2001
From: mindesbunister <github_service@egonetix.de>
Date: Thu, 17 Jul 2025 14:46:01 +0200
Subject: [PATCH] SECURITY: Remove credential exposure from logs

- Replace full config logging with sanitized version
- Credentials now show as [REDACTED] in console logs
- Fixed in: enhanced-screenshot service, API routes, test files
- Prevents TradingView email/password from appearing in container logs
---
 app/api/enhanced-screenshot/route.js |  8 +++++++-
 lib/enhanced-screenshot-simple.ts    | 10 ++++++++--
 lib/enhanced-screenshot.ts           |  8 +++++++-
 test-enhanced-screenshot.ts          |  7 ++++++-
 4 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/app/api/enhanced-screenshot/route.js b/app/api/enhanced-screenshot/route.js
index 1a8fcb0..5212112 100644
--- a/app/api/enhanced-screenshot/route.js
+++ b/app/api/enhanced-screenshot/route.js
@@ -71,7 +71,13 @@ export async function POST(request) {
       }
     }
 
-    console.log('🔧 Using config:', config)
+    console.log('🔧 Using config:', {
+      symbol: config.symbol,
+      timeframe: config.timeframe,
+      layouts: config.layouts,
+      sessionId: config.sessionId,
+      credentials: '[REDACTED]'
+    })
 
     let screenshots = []
     let analysis = null
diff --git a/lib/enhanced-screenshot-simple.ts b/lib/enhanced-screenshot-simple.ts
index 2bbea49..b334864 100644
--- a/lib/enhanced-screenshot-simple.ts
+++ b/lib/enhanced-screenshot-simple.ts
@@ -22,8 +22,14 @@ export class EnhancedScreenshotService {
   private static diySession: TradingViewAutomation | null = null
 
   async captureWithLogin(config: ScreenshotConfig): Promise<string[]> {
-    console.log('🚀 Enhanced Screenshot Service - Docker Environment (Dual Session)')
-    console.log('📋 Config:', config)
+    console.log('🚀 Enhanced Screenshot Service - Docker Environment')
+    console.log('📋 Config:', {
+      symbol: config.symbol,
+      timeframe: config.timeframe,
+      layouts: config.layouts,
+      sessionId: config.sessionId,
+      credentials: '[REDACTED]'
+    })
     
     const screenshotFiles: string[] = []
     
diff --git a/lib/enhanced-screenshot.ts b/lib/enhanced-screenshot.ts
index fa9ca4e..98c61db 100644
--- a/lib/enhanced-screenshot.ts
+++ b/lib/enhanced-screenshot.ts
@@ -28,7 +28,13 @@ export class EnhancedScreenshotService {
 
   async captureWithLogin(config: ScreenshotConfig): Promise<string[]> {
     console.log('🚀 Enhanced Screenshot Service - Docker Environment (Dual Session)')
-    console.log('📋 Config:', config)
+    console.log('📋 Config:', {
+      symbol: config.symbol,
+      timeframe: config.timeframe,
+      layouts: config.layouts,
+      sessionId: config.sessionId,
+      credentials: '[REDACTED]'
+    })
     
     const screenshotFiles: string[] = []
     const { sessionId } = config
diff --git a/test-enhanced-screenshot.ts b/test-enhanced-screenshot.ts
index 4bfee5d..ee26a35 100644
--- a/test-enhanced-screenshot.ts
+++ b/test-enhanced-screenshot.ts
@@ -15,7 +15,12 @@ async function testDualSessionScreenshots() {
       }
     }
     
-    console.log('📋 Test Configuration:', config)
+    console.log('📋 Test Configuration:', {
+      symbol: config.symbol,
+      timeframe: config.timeframe,
+      layouts: config.layouts,
+      credentials: '[REDACTED]'
+    })
     
     // Perform the dual-session screenshot capture
     console.log('\n🔄 Starting dual-session capture...')