Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.15.1
-
None
-
java version "1.7.0_45", Linux, Mac
-
Unknown
Description
I am creating a camel endpoint such as this (somehost/someport/baseurl have been replaced):
https4://somehost:someport/baseurl?authenticationPreemptive=true&authPassword=RAW(foo%bar)&authUsername=RAW(username)
This causes camel to log the entire endpoint, including the user/password:
(DefaultComponent.java:67) - Supplied URI 'https4://somehost:someport/baseurl?authenticationPreemptive=true&authPassword=RAW(foo%bar)&authUsername=RAW(username)' contains unsafe characters, please check encoding
Consider:
-It is a security issue to log the username/password
-Specifiying RAW would allow for special characters, specifically for passwords, as indicated here : https://camel.apache.org/configuring-camel.html, but it seems that UnsafeUriCharactersEncoder is not handling them appropriately.
Attachments
Issue Links
- is related to
-
CAMEL-8649 Camel RAW() cannot handle String of %2050
- Resolved