[
https://issues.apache.org/jira/browse/BEANUTILS-568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17874875#comment-17874875
]
Gary D. Gregory commented on BEANUTILS-568:
-------------------------------------------
Hello [~keyboarddesirstroyer]
The best way to see what you mean is to provide a PR on GitHub including a unit
test.
> BeanUtils.setProperty may shouln't record trace log
> ---------------------------------------------------
>
> Key: BEANUTILS-568
> URL: https://issues.apache.org/jira/browse/BEANUTILS-568
> Project: Commons BeanUtils
> Issue Type: Bug
> Components: Bean / Property Utils
> Affects Versions: 1.9.4
> Environment: opening trace level log
> Reporter: Johnnie White
> Priority: Major
>
> When log level is trace, using BeanUtils.setProperty would record the value
> of bean. Even override the toString for bean, such like using * to hide the
> sensitive message. It would also show the original info without hiding.
>
> The better way to log is using bean's toString function, otherwise directly
> splice value and output
>
> (org/apache/commons/beanutils/BeanUtilsBean.java, line 888)
> (What's more, why I tried to upload a screenshot for code failed here?)
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
