potiuk commented on issue #36688: URL: https://github.com/apache/airflow/issues/36688#issuecomment-1901922955
I think @aritra24 is right - this is not about URL passwords (where the password should - indeed - be URL, encoded) - but if there is a password in connection, that does not get masked when we print a URL form of the connnection, then the quoted version should be masked. While we cannot prevent all the ways how password can be mangled and transformed (say you add space and Base64 such password for example), some common usages (like URL encoding) that are likely to appear in our logs should be masked as welll. If I read this one properly, the connection password is stored "as is" while we are quoting it i the output when printing it as "url" so we should mask it there. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
