Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-9872

Avoid logging unsanitized input

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • GraphQL Core 0.0.6
    • GraphQL Core 0.0.8
    • GraphQL
    • None

    Description

      As flagged by SonarCloud in https://github.com/apache/sling-org-apache-sling-graphql-core/pull/13 we are logging data provided by clients (the GraphQL query text in this case) in some places.

      This should be avoided, or the data sanitized before logging.

      Attachments

        Issue Links

          is caused by

          Bug - A problem which impairs or prevents the functions of the product. SLING-9870 NullPointerException, in case Locations are null in a GraphQL error response

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              bdelacretaz Bertrand Delacretaz
              bdelacretaz Bertrand Delacretaz
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: