[OFBIZ-9310] On setting verbose true, UtilHttp.getParameterMap() method prints username and password in logs - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Release Branch 14.12, Release Branch 15.12, 16.11.02, 17.12.01
Component/s: None
Labels:
None

Sprint:
Bug Crush Event - 21/2/2015

Description

In UtilHttp.getParameterMap(HttpServletRequest request, Set<? extends String> nameSet, Boolean onlyIncludeOrSkip) method, following line of code prints username and password in logs when verbose is set to true.

if (Debug.verboseOn())

{ Debug.logVerbose("Made Request Parameter Map with [" + paramMap.size() + "] Entries", module); Debug.logVerbose("Request Parameter Map Entries: " + System.getProperty("line.separator") + UtilMisc.printMap(paramMap), module); }

Attachments

OFBIZ-9310.patch
14/Apr/17 09:51
0.7 kB
Aditya Sharma

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Jacques Le Roux

Reporter:: Aditya Sharma

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 10/Apr/17 08:02

Updated:: 14/Apr/17 11:46

Resolved:: 14/Apr/17 11:07

Agile

Completed Sprint:: Bug Crush Event - 21/2/2015 ended 26/Feb/15

View on Board

On setting verbose true, UtilHttp.getParameterMap() method prints username and password in logs

Details

Description

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment