From 1a6a1b49648726e633d33d37fb2b7e15c485ecf4 Mon Sep 17 00:00:00 2001
From: SoftFever <softfeverever@gmail.com>
Date: Wed, 14 Feb 2024 20:59:58 +0800
Subject: [PATCH] Security: skip more print_host related info

---
 src/libslic3r/GCode.cpp        | 13 ++++++++-----
 src/libslic3r/Preset.cpp       |  2 +-
 src/libslic3r/PresetBundle.cpp |  6 +++++-
 3 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/src/libslic3r/GCode.cpp b/src/libslic3r/GCode.cpp
index 8096bc7a88..3f6b742dab 100644
--- a/src/libslic3r/GCode.cpp
+++ b/src/libslic3r/GCode.cpp
@@ -4268,16 +4268,19 @@ void GCode::append_full_config(const Print &print, std::string &str)
 {
     const DynamicPrintConfig &cfg = print.full_print_config();
     // Sorted list of config keys, which shall not be stored into the G-code. Initializer list.
-    static constexpr auto banned_keys = {
+    static const std::set<std::string_view> banned_keys( {
         "compatible_printers"sv,
         "compatible_prints"sv,
         "print_host"sv,
+        "print_host_webui"sv,
         "printhost_apikey"sv,
-        "printhost_cafile"sv
-    };
-    assert(std::is_sorted(banned_keys.begin(), banned_keys.end()));
+        "printhost_cafile"sv,
+        "printhost_user"sv,
+        "printhost_password"sv,
+        "printhost_port"sv
+    });
     auto is_banned = [](const std::string &key) {
-        return std::binary_search(banned_keys.begin(), banned_keys.end(), key);
+        return banned_keys.find(key) != banned_keys.end();
     };
     std::ostringstream ss;
     for (const std::string& key : cfg.keys()) {
diff --git a/src/libslic3r/Preset.cpp b/src/libslic3r/Preset.cpp
index a11ba6385d..e6582e52b4 100644
--- a/src/libslic3r/Preset.cpp
+++ b/src/libslic3r/Preset.cpp
@@ -1835,7 +1835,7 @@ std::pair<Preset*, bool> PresetCollection::load_external_preset(
     keys.erase(std::remove_if(keys.begin(), keys.end(),
                               [](std::string &val) {
                                 return val == "print_host" || val == "print_host_webui" || val == "printhost_apikey" ||
-                                       val == "printhost_cafile";
+                                       val == "printhost_cafile" || val == "printhost_user" || val == "printhost_password" || val == "printhost_port";
                               }),
                keys.end());
     cfg.apply_only(combined_config, keys, true);
diff --git a/src/libslic3r/PresetBundle.cpp b/src/libslic3r/PresetBundle.cpp
index d3c5377ad2..8ea7953555 100644
--- a/src/libslic3r/PresetBundle.cpp
+++ b/src/libslic3r/PresetBundle.cpp
@@ -1951,7 +1951,11 @@ DynamicPrintConfig PresetBundle::full_config_secure() const
     config.erase("print_host");
     config.erase("print_host_webui");
     config.erase("printhost_apikey");
-    config.erase("printhost_cafile");    return config;
+    config.erase("printhost_cafile");    
+    config.erase("printhost_user");    
+    config.erase("printhost_password");    
+    config.erase("printhost_port");    
+    return config;
 }
 
 const std::set<std::string> ignore_settings_list ={