RC3 - Critical information in config are not censored in logs
Issue #705
resolved
No description provided.
Comments (4)
-
reporter -
reporter removed 1,2,and 3.
4 is the result of LOG.info("Options loaded : " + Global.options.toStringNoKeys());
which apparently is not working -
reporter case was a problem . changed to
//Replace sensitive information String[] sensitiveKeys = {"apisecret", "apikey", "rpcpass", "apiSecret", "apiKey", "rpcPass"}; String replaceString = "hidden"; for (int i = 0; i < sensitiveKeys.length; i++) { serializedOptionsJSON.replace(sensitiveKeys[i], replaceString); }
-
reporter - changed status to resolved
- Log in to comment
They are not censored in multiple places
1:
2
3
4