D Green created LANG-945:
----------------------------
Summary: ToStringBuilder can expose passwords and other sensitive
data in logs
Key: LANG-945
URL: https://issues.apache.org/jira/browse/LANG-945
Project: Commons Lang
Issue Type: New Feature
Components: lang.builder.*
Reporter: D Green
We just noticed ToStringBuilder was exposing passwords in our logs - would be
nice to have a way of either ignoring or obfiscating the value of fields either
by passing in a vararg to the builder or having an annotation to do this.
Also, 'password' could possibly always be obfiscated by default?
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
