From caae421f3ac9f29a2423229db1a0578ab815f51d Mon Sep 17 00:00:00 2001
From: Peter Silva <peter@bsqt.homeip.net>
Date: Fri, 24 May 2024 15:50:15 -0400
Subject: [PATCH] another effect of. passwords should not be in credential db
 keys

---
 sarracenia/credentials.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/sarracenia/credentials.py b/sarracenia/credentials.py
index ae392db21..c719a70c1 100755
--- a/sarracenia/credentials.py
+++ b/sarracenia/credentials.py
@@ -233,7 +233,11 @@ def get(self, urlstr):
         # cache it as is... we dont want to validate every time
 
         self.add(urlstr)
-        return False, self.credentials[urlstr]
+        if url and url.password:
+            k=urlstr.replace( f':{url.password}@', '@' )
+        else:
+            k=urlstr
+        return False, self.credentials[k]
 
     def has(self, urlstr):
         """Return ``True`` if the Credential matching the urlstr is already in the CredentialDB.