Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.9.2
    • Fix Version/s: 2.9.3, 2.10.0
    • Component/s: camel-core
    • Labels:
    • Patch Info:
      Patch Available
    • Estimated Complexity:
      Unknown

      Description

      Sanitizes URI in debug messages that may otherwise reveal sensitive information.

      Design note:
      I opted to provide a specific method, URISupport.sanitizePath(String), instead of relaxing the match in URISupport.sanitizeUri(String). This is because formally an authority component in an URI is preceded by "//", which is not contained in the path part of the URI (see http://docs.oracle.com/javase/6/docs/api/java/net/URI.html).

      1. patch_notrace.txt
        5 kB
        João Loureiro

        Activity

        Hide
        Claus Ibsen added a comment -

        If you enable TRACE logging then you may get the raw data. And at that level the uris should NOT be changed.

        Its only at INFO and possible DEBUG level that they should, as that is a level ppl can run with in their environments.

        Show
        Claus Ibsen added a comment - If you enable TRACE logging then you may get the raw data. And at that level the uris should NOT be changed. Its only at INFO and possible DEBUG level that they should, as that is a level ppl can run with in their environments.
        Hide
        João Loureiro added a comment -

        OK, I understand. The patch then still stands for two DEBUG occurences and a generic toString().

        Show
        João Loureiro added a comment - OK, I understand. The patch then still stands for two DEBUG occurences and a generic toString().
        Hide
        Claus Ibsen added a comment -

        Do you mind attaching an updated patch?

        Show
        Claus Ibsen added a comment - Do you mind attaching an updated patch?
        Hide
        João Loureiro added a comment -

        Patch update - leaves TRACE messages unchanged.

        Show
        João Loureiro added a comment - Patch update - leaves TRACE messages unchanged.
        Hide
        Claus Ibsen added a comment -

        Thanks for the updated patch.

        Show
        Claus Ibsen added a comment - Thanks for the updated patch.

          People

          • Assignee:
            Claus Ibsen
            Reporter:
            João Loureiro
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development