diff --git a/package-lock.json b/package-lock.json
index 78bcf020d713201..745cda3faa9dfa5 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -49,7 +49,7 @@
 				"eslint-plugin-jsx-a11y": "6.10.2",
 				"eslint-plugin-react": "7.37.4",
 				"fast-glob": "3.3.3",
-				"fast-xml-parser": "5.0.8",
+				"fast-xml-parser": "5.0.9",
 				"github-slugger": "2.0.0",
 				"globals": "16.0.0",
 				"hastscript": "9.0.1",
@@ -9987,9 +9987,9 @@
 			"license": "BSD-3-Clause"
 		},
 		"node_modules/fast-xml-parser": {
-			"version": "5.0.8",
-			"resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.0.8.tgz",
-			"integrity": "sha512-qY8NiI5L8ff00F2giyICiJxSSKHO52tC36LJqx2JtvGyAd5ZfehC/l4iUVVHpmpIa6sM9N5mneSLHQG2INGoHA==",
+			"version": "5.0.9",
+			"resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-5.0.9.tgz",
+			"integrity": "sha512-2mBwCiuW3ycKQQ6SOesSB8WeF+fIGb6I/GG5vU5/XEptwFFhp9PE8b9O7fbs2dpq9fXn4ULR3UsfydNUCntf5A==",
 			"dev": true,
 			"funding": [
 				{
diff --git a/package.json b/package.json
index 3cbb5e413e4bd53..ace7e111c1f8643 100644
--- a/package.json
+++ b/package.json
@@ -67,7 +67,7 @@
 		"eslint-plugin-jsx-a11y": "6.10.2",
 		"eslint-plugin-react": "7.37.4",
 		"fast-glob": "3.3.3",
-		"fast-xml-parser": "5.0.8",
+		"fast-xml-parser": "5.0.9",
 		"github-slugger": "2.0.0",
 		"globals": "16.0.0",
 		"hastscript": "9.0.1",
diff --git a/public/cloudflare-one/static/authenticated-doh.py b/public/cloudflare-one/static/authenticated-doh.py
index 746e4c70016f8bc..2315aaeef17ce4f 100644
--- a/public/cloudflare-one/static/authenticated-doh.py
+++ b/public/cloudflare-one/static/authenticated-doh.py
@@ -69,7 +69,8 @@ def request_doh_token(account_tag, user_id, client_id, client_secret):
                '-H', f"Cf-Access-Client-Id: {client_id}",
                '-H', f"Cf-Access-Client-Secret: {client_secret}"]
     if verbose:
-        print(f"Issuing request {' '.join(command)}")
+        sanitized_command = [part if "Cf-Access-Client-Secret" not in part else "Cf-Access-Client-Secret: [REDACTED]" for part in command]
+        print(f"Issuing request {' '.join(sanitized_command)}")
     response = json.loads(subprocess.check_output(command))
     if verbose:
         print("Got response:")
@@ -145,8 +146,7 @@ def request(method, url, body):
 if client_id == "new":
     service_token_name = input('Please input name for service token > ')
     client_id, client_secret = request_create_service_token(service_token_name)
-    print(
-        f"Created service token with client_id {client_id} and client_secret {client_secret}. You may want to save these secrets.")
+    print("Created service token. Please save the client_secret securely.")
 
 
 if len(client_secret) == 0: