[ https://issues.apache.org/jira/browse/CLOUDSTACK-4406?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13929962#comment-13929962 ]
Mandar Barve commented on CLOUDSTACK-4406: ------------------------------------------ - Updated APICommand annotation with new requestHasSensitiveInfo and responseHasSensitiveInfo flags set to default true. - Command classes updated to override based on sensitivity. - Checked the annotation in ApiServer to strip the sensitive info from log if command flag is set to true Ship it! b0c6d4734724358df97b6fa4d8c5beb0f447745e - daan Hoogland > Remove cleanString() call for every API to improve performance - especially > of the list APIs > -------------------------------------------------------------------------------------------- > > Key: CLOUDSTACK-4406 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4406 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) > Components: API > Affects Versions: 4.2.0 > Reporter: Nitin Mehta > Assignee: Mandar Barve > Priority: Critical > Fix For: Future, 4.4.0 > > > The cleanString() method is invoked for every API call to remove sensitive > data, but this is invoked for every api even though it might or might not > have it. This is not optimal as CS scales. We need a more optimized approach > to remove such data -- This message was sent by Atlassian JIRA (v6.2#6252)