[OFBIZ-9310] On setting verbose true, UtilHttp.getParameterMap() method prints username and password in logs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Release Branch 14.12, Release Branch 15.12, 16.11.02, 17.12.01
Component/s: None
Labels:
None

Sprint:
Bug Crush Event - 21/2/2015

Description

In UtilHttp.getParameterMap(HttpServletRequest request, Set<? extends String> nameSet, Boolean onlyIncludeOrSkip) method, following line of code prints username and password in logs when verbose is set to true.

if (Debug.verboseOn())

{ Debug.logVerbose("Made Request Parameter Map with [" + paramMap.size() + "] Entries", module); Debug.logVerbose("Request Parameter Map Entries: " + System.getProperty("line.separator") + UtilMisc.printMap(paramMap), module); }

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

OFBIZ-9310.patch
14/Apr/17 09:51
0.7 kB
Aditya Sharma

Activity

People

Assignee:

Jacques Le Roux

Reporter:

Aditya Sharma

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

10/Apr/17 08:02

Updated:

14/Apr/17 11:46

Resolved:

14/Apr/17 11:07