[
https://issues.apache.org/jira/browse/CAMEL-16403?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Claus Ibsen updated CAMEL-16403:
--------------------------------
Fix Version/s: (was: 3.13.0)
3.x
> camel-core - URI parsing sensitive keys
> ---------------------------------------
>
> Key: CAMEL-16403
> URL: https://issues.apache.org/jira/browse/CAMEL-16403
> Project: Camel
> Issue Type: Improvement
> Components: camel-core
> Reporter: Claus Ibsen
> Assignee: Claus Ibsen
> Priority: Major
> Fix For: 3.x
>
>
> With SensitiveUtils we know have a full list of known property names that are
> sensitive.
> We can use this in endpoint uri parsing to know that its value should be used
> as-is (eg like it was RAW( ))
> Thought with RAW() there is still some decoding due to URI invalid chars, eg
> you can't have special chars in the uri, so they get decimal encoded.
> Another approach: We could also just generate a random uuid as placeholder
> for the value, which is backed in some internal registry/vault which then is
> used to lookup the actual value, when in use.
> However the uri may be used to call external service, like a http / ftp with
> username:password combination, so you may want an uri representation with the
> actual value. Likewise if there is some api tokens in the uri.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
