Claus Ibsen created CAMEL-16403:
-----------------------------------
Summary: camel-core - URI parsing sensitive keys
Key: CAMEL-16403
URL: https://issues.apache.org/jira/browse/CAMEL-16403
Project: Camel
Issue Type: Improvement
Components: camel-core
Reporter: Claus Ibsen
Assignee: Claus Ibsen
Fix For: 3.10.0
With SensitiveUtils we know have a full list of known property names that are
sensitive.
We can use this in endpoint uri parsing to know that its value should be used
as-is (eg like it was RAW( ))
Thought with RAW() there is still some decoding due to URI invalid chars, eg
you can't have special chars in the uri, so they get decimal encoded.
Another approach: We could also just generate a random uuid as placeholder for
the value, which is backed in some internal registry/vault which then is used
to lookup the actual value, when in use.
However the uri may be used to call external service, like a http / ftp with
username:password combination, so you may want an uri representation with the
actual value. Likewise if there is some api tokens in the uri.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
