You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In Wix 3.10, a bugfix was made: http://wixtoolset.org/issues/4731/ (#4731)
that obfuscated the values of hidden bundle variables. I appreciated that very much.
However, since passing sensitive information is considered a valid use case, it would be even better if hidden bundle variable values were stored and passed to the custom bootstrapper application as SecureStrings. By doing so, a user would not have to deal with having its sensitive information available in process memory as plain text.
Currently, all command line args are available by:
Command.GetCommandLineArgs()
My proposal is to remove any hidden bundle variable from there and add it to a separate method such as:
Command.GetHiddenCommandLineArgs()
Since such a change would break the current behavior, I would suggest it for the 4.0 track.
It is hard for me to determine if this is a bug or a feature request.
Originally opened by lillegard
The text was updated successfully, but these errors were encountered:
In Wix 3.10, a bugfix was made:
http://wixtoolset.org/issues/4731/ (#4731)
that obfuscated the values of hidden bundle variables. I appreciated that very much.
However, since passing sensitive information is considered a valid use case, it would be even better if hidden bundle variable values were stored and passed to the custom bootstrapper application as SecureStrings. By doing so, a user would not have to deal with having its sensitive information available in process memory as plain text.
Currently, all command line args are available by:
Command.GetCommandLineArgs()
My proposal is to remove any hidden bundle variable from there and add it to a separate method such as:
Command.GetHiddenCommandLineArgs()
Since such a change would break the current behavior, I would suggest it for the 4.0 track.
It is hard for me to determine if this is a bug or a feature request.
The text was updated successfully, but these errors were encountered: