Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-11269

URISupport sanitizeUri partial support for RAW()

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.19.0
    • Fix Version/s: 2.17.7, 2.18.4, 2.19.1, 2.20.0
    • Component/s: camel-core
    • Labels:
      None

      Description

      The usage of & symbol in a password wrapped by RAW() function breaks the masking of the password.

      The result of this is a partial leak of the clear text password.

      See this example:

      password=RAW(abc&SUFFIX) is translated into password=xxxxxx&SUFFIX

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                paolo.antinori Paolo Antinori
                Reporter:
                paolo.antinori Paolo Antinori
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: