[jira] [Commented] (VFS-430) The SoftRefFilesCache class logs clear text password

Antonin Stefanutti (JIRA) Mon, 23 Jul 2012 10:49:37 -0700

    [ 
https://issues.apache.org/jira/browse/VFS-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13420817#comment-13420817
 ]


Antonin Stefanutti commented on VFS-430:
----------------------------------------

I would rather be defensive in that sensitive case and make sure that clear 
type password isn't logged inadvertently. But you're right that might break 
somehow the behavior of the API.
                
> The SoftRefFilesCache class logs clear text password
> ----------------------------------------------------
>
>                 Key: VFS-430
>                 URL: https://issues.apache.org/jira/browse/VFS-430
>             Project: Commons VFS
>          Issue Type: Bug
>    Affects Versions: 2.0
>            Reporter: Antonin Stefanutti
>             Fix For: 2.1
>
>
> The {{org.apache.commons.vfs2.cache.SoftRefFilesCache}} class logs 
> {{FileName}} in the {{putFile}} method with the {{FileName.toString()}} that 
> returns URL with clear password while it should be using the 
> {{FileName.getFriendlyURI()}} method.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (VFS-430) The SoftRefFilesCache class logs clear text password

Reply via email to