Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.9.2
    • Fix Version/s: 2.9.3, 2.10.0
    • Component/s: camel-core
    • Labels:
    • Patch Info:
      Patch Available
    • Estimated Complexity:
      Unknown

      Description

      Sanitizes URI in debug messages that may otherwise reveal sensitive information.

      Design note:
      I opted to provide a specific method, URISupport.sanitizePath(String), instead of relaxing the match in URISupport.sanitizeUri(String). This is because formally an authority component in an URI is preceded by "//", which is not contained in the path part of the URI (see http://docs.oracle.com/javase/6/docs/api/java/net/URI.html).

      1. patch_notrace.txt
        5 kB
        João Loureiro

        Activity

        João Loureiro created issue -
        João Loureiro made changes -
        Field Original Value New Value
        Attachment camel_patch.txt [ 12525430 ]
        Hide
        Claus Ibsen added a comment -

        If you enable TRACE logging then you may get the raw data. And at that level the uris should NOT be changed.

        Its only at INFO and possible DEBUG level that they should, as that is a level ppl can run with in their environments.

        Show
        Claus Ibsen added a comment - If you enable TRACE logging then you may get the raw data. And at that level the uris should NOT be changed. Its only at INFO and possible DEBUG level that they should, as that is a level ppl can run with in their environments.
        Hide
        João Loureiro added a comment -

        OK, I understand. The patch then still stands for two DEBUG occurences and a generic toString().

        Show
        João Loureiro added a comment - OK, I understand. The patch then still stands for two DEBUG occurences and a generic toString().
        Hide
        Claus Ibsen added a comment -

        Do you mind attaching an updated patch?

        Show
        Claus Ibsen added a comment - Do you mind attaching an updated patch?
        João Loureiro made changes -
        Attachment camel_patch.txt [ 12525430 ]
        Hide
        João Loureiro added a comment -

        Patch update - leaves TRACE messages unchanged.

        Show
        João Loureiro added a comment - Patch update - leaves TRACE messages unchanged.
        João Loureiro made changes -
        Attachment patch_notrace.txt [ 12525698 ]
        Claus Ibsen made changes -
        Assignee Claus Ibsen [ davsclaus ]
        Hide
        Claus Ibsen added a comment -

        Thanks for the updated patch.

        Show
        Claus Ibsen added a comment - Thanks for the updated patch.
        Claus Ibsen made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Fix Version/s 2.9.3 [ 12320750 ]
        Resolution Fixed [ 1 ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Resolved Resolved
        1d 20h 32m 1 Claus Ibsen 05/May/12 08:54

          People

          • Assignee:
            Claus Ibsen
            Reporter:
            João Loureiro
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development