From 2f3c4d46180a19a383d2749ba33f4afda7745d79 Mon Sep 17 00:00:00 2001
From: drfho <dr.frank.hoffmann@web.de>
Date: Sat, 28 Mar 2026 00:23:06 +0800
Subject: [PATCH 1/5] Ensure key is treated as string for the 'in' check in
 Python 3

---
 src/Products/mcdutils/mapping.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/Products/mcdutils/mapping.py b/src/Products/mcdutils/mapping.py
index ca82248..3133268 100644
--- a/src/Products/mcdutils/mapping.py
+++ b/src/Products/mcdutils/mapping.py
@@ -65,8 +65,9 @@ def __repr__(self):
         # Overriding here to try and hide some password fields, like
         # the ZPublisher HTTPRequest class tries to do.
         new_dict = dict(self.data)
-        for key in new_dict.keys():
-            if 'passw' in key.lower():
+        for key in list(new_dict.keys()):
+            k_str = key.decode('utf-8', 'ignore') if isinstance(key, bytes) else str(key)
+            if 'passw' in k_str.lower():
                 new_dict[key] = '<password obscured>'
         return repr(new_dict)
 

From 7ba4265a21a5e587af828b9fb43c5b85e158917d Mon Sep 17 00:00:00 2001
From: drfho <dr.frank.hoffmann@web.de>
Date: Sat, 28 Mar 2026 00:25:39 +0800
Subject: [PATCH 2/5] Update CHANGES.rst for unreleased version 5.1

---
 CHANGES.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGES.rst b/CHANGES.rst
index b8966d1..a2cd283 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -3,6 +3,7 @@ Change log
 
 5.1 (unreleased)
 ----------------
+- Ensure key 'passw' is treated as string for the 'in' check in ``__repr__``
 
 
 5.0 (2025-11-19)

From ac622e4344cffa73ee096e3ef333d20404dd1241 Mon Sep 17 00:00:00 2001
From: drfho <dr.frank.hoffmann@web.de>
Date: Sat, 28 Mar 2026 00:42:12 +0800
Subject: [PATCH 3/5] Obscure more sensitive fields

---
 src/Products/mcdutils/mapping.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/Products/mcdutils/mapping.py b/src/Products/mcdutils/mapping.py
index 3133268..276bc5d 100644
--- a/src/Products/mcdutils/mapping.py
+++ b/src/Products/mcdutils/mapping.py
@@ -66,8 +66,9 @@ def __repr__(self):
         # the ZPublisher HTTPRequest class tries to do.
         new_dict = dict(self.data)
         for key in list(new_dict.keys()):
-            k_str = key.decode('utf-8', 'ignore') if isinstance(key, bytes) else str(key)
-            if 'passw' in k_str.lower():
+            k_str = key.decode('utf-8', 'replace') if isinstance(key, bytes) else str(key)
+            lower_key = k_str.lower()
+            if any(marker in lower_key for marker in ('passw', 'pwd', 'secret', 'token', 'cred')):
                 new_dict[key] = '<password obscured>'
         return repr(new_dict)
 

From 3ee61e4ebf168d97a4a8153e7123763f54ee108e Mon Sep 17 00:00:00 2001
From: drfho <dr.frank.hoffmann@web.de>
Date: Sat, 28 Mar 2026 00:54:57 +0800
Subject: [PATCH 4/5] linting

---
 src/Products/mcdutils/mapping.py | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/Products/mcdutils/mapping.py b/src/Products/mcdutils/mapping.py
index 276bc5d..4445ac5 100644
--- a/src/Products/mcdutils/mapping.py
+++ b/src/Products/mcdutils/mapping.py
@@ -66,9 +66,19 @@ def __repr__(self):
         # the ZPublisher HTTPRequest class tries to do.
         new_dict = dict(self.data)
         for key in list(new_dict.keys()):
-            k_str = key.decode('utf-8', 'replace') if isinstance(key, bytes) else str(key)
+            k_str = (
+                key.decode("utf-8", "replace")
+                if isinstance(key, (bytes, bytearray))
+                else str(key)
+            )
             lower_key = k_str.lower()
-            if any(marker in lower_key for marker in ('passw', 'pwd', 'secret', 'token', 'cred')):
+            if any(
+                marker in lower_key for marker in (
+                    'passw', 
+                    'pwd', 
+                    'secret', 
+                    'token', 
+                    'cred')):
                 new_dict[key] = '<password obscured>'
         return repr(new_dict)
 

From f320d8e53ef28b0955d7e26077fc420a89bcdd01 Mon Sep 17 00:00:00 2001
From: drfho <dr.frank.hoffmann@web.de>
Date: Sat, 28 Mar 2026 00:58:00 +0800
Subject: [PATCH 5/5] cleaned whitespace

---
 src/Products/mcdutils/mapping.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Products/mcdutils/mapping.py b/src/Products/mcdutils/mapping.py
index 4445ac5..07931ea 100644
--- a/src/Products/mcdutils/mapping.py
+++ b/src/Products/mcdutils/mapping.py
@@ -74,10 +74,10 @@ def __repr__(self):
             lower_key = k_str.lower()
             if any(
                 marker in lower_key for marker in (
-                    'passw', 
-                    'pwd', 
-                    'secret', 
-                    'token', 
+                    'passw',
+                    'pwd',
+                    'secret',
+                    'token',
                     'cred')):
                 new_dict[key] = '<password obscured>'
         return repr(new_dict)