Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-16403

camel-core - URI parsing sensitive keys

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • 3.x
    • camel-core
    • None
    • Unknown

    Description

      With SensitiveUtils we know have a full list of known property names that are sensitive.
      We can use this in endpoint uri parsing to know that its value should be used as-is (eg like it was RAW( ))

      Thought with RAW() there is still some decoding due to URI invalid chars, eg you can't have special chars in the uri, so they get decimal encoded.

      Another approach: We could also just generate a random uuid as placeholder for the value, which is backed in some internal registry/vault which then is used to lookup the actual value, when in use.

      However the uri may be used to call external service, like a http / ftp with username:password combination, so you may want an uri representation with the actual value. Likewise if there is some api tokens in the uri.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              davsclaus Claus Ibsen
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: