From 397a4d4a446eb98b0f7e8a0bb8a5dbcd27c6ab9d Mon Sep 17 00:00:00 2001
From: Marcus Bointon <marcus@synchromedia.co.uk>
Date: Tue, 29 Aug 2023 09:44:47 +0200
Subject: [PATCH] Don't reflect a malformed DSN in error messages. It's not
 necessary, and carries a distant risk of XSS in the host app.

---
 src/DSNConfigurator.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/DSNConfigurator.php b/src/DSNConfigurator.php
index ab707d2b..566c9618 100644
--- a/src/DSNConfigurator.php
+++ b/src/DSNConfigurator.php
@@ -80,9 +80,7 @@ class DSNConfigurator
         $config = $this->parseUrl($dsn);
 
         if (false === $config || !isset($config['scheme']) || !isset($config['host'])) {
-            throw new Exception(
-                sprintf('Malformed DSN: "%s".', $dsn)
-            );
+            throw new Exception('Malformed DSN');
         }
 
         if (isset($config['query'])) {