axtq opened a new issue, #12639: URL: https://github.com/apache/apisix/issues/12639
### Current Behavior While using the APISIX Dashboard, I noticed that sensitive fields such as admin keys and secret vault tokens are displayed in plain text. This poses a potential security risk, as anyone with access to the dashboard UI can easily see and copy these credentials. ### Expected Behavior Sensitive fields (e.g., keys, tokens, secrets) should be masked or hidden by default, similar to how password fields are handled. Ideally, the dashboard should display these fields as password-type fields (•••••). ### Error Logs _No response_ ### Steps to Reproduce 1. Log in to the APISIX Dashboard. 2. 3. Navigate to configuration sections where sensitive values are managed (e.g., admin key, secret vault tokens, or similar). 4. 5. Observe that the values are shown in plain text without any masking ### Environment - APISIX version (run `apisix version`): 3.13 - Operating system (run `uname -a`): Linux - Docker - APISIX Dashboard version, if relevant: 3.13 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
