Uploaded image for project: 'Commons BeanUtils'
  1. Commons BeanUtils
  2. BEANUTILS-568

BeanUtils.setProperty may shouln't record trace log

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.9.4
    • None
    • Bean / Property Utils
    • None

    • opening trace level log

    Description

      When log level is trace, using BeanUtils.setProperty would record the value of bean. Even override the toString for bean, such like using * to hide the sensitive message. It would also show the original info without hiding.

       

      The better way to log is using bean's toString function, otherwise directly splice value and output

       

      (org/apache/commons/beanutils/BeanUtilsBean.java, line 888)

      (What's more, why I tried to upload a screenshot for code failed here?)

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            keyboarddesirstroyer Johnnie White
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: