Hide rpc headers when list networks with `stellar network ls --long`.#2441

fnando · 2026-03-10T18:00:22Z

What

$ target/debug/stellar network ls --long
Name: mynet
RPC url: https://rpc.example.com
RPC headers:
  Authorization: <concealed>
Network passphrase: Test SDF Network ; September 2015

Name: prod
RPC url: https://mainnet.sorobanrpc.com
RPC headers: not set
Network passphrase: Public Global Stellar Network ; September 2015

Name: pubnet
RPC url: https://mainnet.sorobanrpc.com
RPC headers: not set
Network passphrase: Public Global Stellar Network ; September 2015

Name: test-net-headers
RPC url: http://localhost:8000/rpc
RPC headers:
  Authorization: <concealed>
  X-Api-Key: <concealed>
Network passphrase: Test Network

Name: local
RPC url: http://localhost:8000/rpc
RPC headers: not set
Network passphrase: Standalone Network ; February 2017

Name: futurenet
RPC url: https://rpc-futurenet.stellar.org:443
RPC headers: not set
Network passphrase: Test SDF Future Network ; October 2022

Name: mainnet
RPC url: Bring Your Own: https://developers.stellar.org/docs/data/rpc/rpc-providers
RPC headers: not set
Network passphrase: Public Global Stellar Network ; September 2015

Name: testnet
RPC url: https://soroban-testnet.stellar.org
RPC headers: not set
Network passphrase: Test SDF Network ; September 2015

Why

https://hackerone.com/reports/3596218

Known limitations

N/A

Copilot

Pull request overview

This PR updates the stellar network ls --long output to avoid leaking RPC header values by concealing them in the long listing, addressing the reported security issue.

Changes:

Update network ls --long formatting to print RPC URL, passphrase, and RPC header names while concealing header values.
Improve long listing readability by separating entries with a blank line.
Add integration tests ensuring RPC header values are not printed and that “not set” is shown when no headers exist.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
cmd/soroban-cli/src/commands/network/ls.rs	Reworks long network listing output to conceal RPC header values and adjusts entry separators.
cmd/crates/soroban-test/tests/it/integration/network.rs	Adds integration tests to validate concealed header output and “not set” behavior.

Hide rpc headers when list networks with stellar network ls --long.

089e8e1

Copilot AI review requested due to automatic review settings March 10, 2026 18:00

github-project-automation Bot added this to DevX Mar 10, 2026

github-project-automation Bot moved this to Backlog (Not Ready) in DevX Mar 10, 2026

fnando self-assigned this Mar 10, 2026

fnando moved this from Backlog (Not Ready) to Needs Review in DevX Mar 10, 2026

Copilot started reviewing on behalf of fnando March 10, 2026 18:00 View session

fnando requested review from a team and leighmcculloch March 10, 2026 18:01

Copilot AI reviewed Mar 10, 2026

View reviewed changes

Comment thread cmd/crates/soroban-test/tests/it/integration/network.rs

Comment thread cmd/crates/soroban-test/tests/it/integration/network.rs

Address pr feedback.

b15eee3

leighmcculloch approved these changes Mar 10, 2026

View reviewed changes

fnando merged commit bfee6e7 into main Mar 10, 2026
178 of 193 checks passed

fnando deleted the network-ls-long branch March 10, 2026 19:49

github-project-automation Bot moved this from Needs Review to Done in DevX Mar 10, 2026

BrewTestBot mentioned this pull request Mar 11, 2026

stellar-cli 25.2.0 Homebrew/homebrew-core#271805

Merged

coderabbitai Bot mentioned this pull request Apr 22, 2026

Docs/gateway contract readme Alien-Protocol/Alien-Protocol#383

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Hide rpc headers when list networks with `stellar network ls --long`.#2441