domains: remove SECRET_PLACEHOLDER from responses

src/dns/cloudflare.js

@@ -1,15 +1,5 @@
 'use strict';
 
-exports = module.exports = {
-    removePrivateFields,
-    injectPrivateFields,
-    upsert,
-    get,
-    del,
-    wait,
-    verifyDomainConfig
-};
-
 const assert = require('node:assert'),
     BoxError = require('../boxerror.js'),
     constants = require('../constants.js'),
@@ -25,12 +15,12 @@ const assert = require('node:assert'),
 const CLOUDFLARE_ENDPOINT = 'https://api.cloudflare.com/client/v4';
 
 function removePrivateFields(domainObject) {
-    domainObject.config.token = constants.SECRET_PLACEHOLDER;
+    delete domainObject.config.token;
     return domainObject;
 }
 
 function injectPrivateFields(newConfig, currentConfig) {
-    if (newConfig.token === constants.SECRET_PLACEHOLDER) newConfig.token = currentConfig.token;
+    if (!Object.hasOwn(newConfig, 'token')) newConfig.token = currentConfig.token;
 }
 
 function translateResponseError(response) {
@@ -291,3 +281,13 @@ async function verifyDomainConfig(domainObject) {
 
     return sanitizedConfig;
 }
+
+exports = module.exports = {
+    removePrivateFields,
+    injectPrivateFields,
+    upsert,
+    get,
+    del,
+    wait,
+    verifyDomainConfig
+};