[
https://issues.apache.org/jira/browse/HTTPCLIENT-1922?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16470445#comment-16470445
]
Vijay Jamadade commented on HTTPCLIENT-1922:
--------------------------------------------
Thank you Oleg for quick response. But what is reason for httpclient-4.3.6.jar
printing sensitive information in debug. May be you missed my update in ticket.
Or shall i create a new ticket?
> org.apache.http.wire package is printing sensitive information in debug
> -----------------------------------------------------------------------
>
> Key: HTTPCLIENT-1922
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1922
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (Windows)
> Environment: Windows, linux
> Reporter: Vijay Jamadade
> Priority: Minor
>
> Hi,
> We are using httpclient-4.3.6.jar for connecting to web service. Data being
> sent for authentication is sensitive data containing private keys used for
> authentication. But when i enable debug level logging for my connection,
> org.apache.http.wire is this jar prints this sensitive information in log.
> How can I disable this? Is this known issue?
> This can be major security issue as somebody can easily get sensitive
> information in logs this way.
> Thanks,
> Vijay
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
