Fadi Mohsen created CXF-7070:
--------------------------------
Summary: HTTP headers logged in debug
Key: CXF-7070
URL: https://issues.apache.org/jira/browse/CXF-7070
Project: CXF
Issue Type: Bug
Components: Transports
Reporter: Fadi Mohsen
We try to avoid logging of authorization header value in out/in requests, we
filtered out these in interceptors, but turns out these are logged anyway in
[CXF debug mode|
https://github.com/apache/cxf/blob/120d20f47022a76970ff0fb9c9d7413cfe019eb2/rt/transports/http/src/main/java/org/apache/cxf/transport/http/Headers.java#L436]:
{code}
if (LOG.isLoggable(Level.FINE)) {
LOG.log(Level.FINE, "Request Headers: " + headers.toString());
}
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
