Prevent exposing too much information in the kcContext.realm of the single page account UI

2024-07-28 20:01:11 +02:00 · 2024-07-28 20:01:11 +02:00 · 4ac14dc074
commit 4ac14dc074
parent fcdbb04ea6
1 changed files with 12 additions and 0 deletions
--- a/src/bin/keycloakify/generateFtl/kcContextDeclarationTemplate.ftl
+++ b/src/bin/keycloakify/generateFtl/kcContextDeclarationTemplate.ftl
@ -208,6 +208,18 @@ function decodeHtmlEntities(htmlStr){
                ) || (
                    key == "attributes" &&
                    areSamePath(path, ["realm"])
+                ) || (
+                    xKeycloakify.pageId == "index.ftl" &&
+                    xKeycloakify.themeType == "account" &&
+                    areSamePath(path, ["realm"]) &&
+                    ![ 
+                        "name",
+                        "registrationEmailAsUsername",
+                        "editUsernameAllowed",
+                        "isInternationalizationEnabled",
+                        "identityFederationEnabled",
+                        "userManagedAccessAllowed"
+                    ]?seq_contains(key)
                )
            >
                <#-- <#local outSeq += ["/*" + path?join(".") + "." + key + " excluded*/"]> -->