Details
-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.15.1
-
Component/s: camel-core
-
Labels:None
-
Environment:
java version "1.7.0_45", Linux, Mac
-
Estimated Complexity:Unknown
Description
I am creating a camel endpoint such as this (somehost/someport/baseurl have been replaced):
https4://somehost:someport/baseurl?authenticationPreemptive=true&authPassword=RAW(foo%bar)&authUsername=RAW(username)
This causes camel to log the entire endpoint, including the user/password:
(DefaultComponent.java:67) - Supplied URI 'https4://somehost:someport/baseurl?authenticationPreemptive=true&authPassword=RAW(foo%bar)&authUsername=RAW(username)' contains unsafe characters, please check encoding
Consider:
-It is a security issue to log the username/password
-Specifiying RAW would allow for special characters, specifically for passwords, as indicated here : https://camel.apache.org/configuring-camel.html, but it seems that UnsafeUriCharactersEncoder is not handling them appropriately.
Attachments
Issue Links
- is related to
-
-
- Resolved
-