This is an automated email from the ASF dual-hosted git repository. davsclaus pushed a commit to branch camel-2.20.x in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-2.20.x by this push: new f032f22 CAMEL-12439: FailedToCreateRouteException should mask sensitive information in uris f032f22 is described below commit f032f22b16b266b1fcde8889d529da1c7da6e1d2 Author: Claus Ibsen <claus.ib...@gmail.com> AuthorDate: Thu Apr 12 16:50:51 2018 +0200 CAMEL-12439: FailedToCreateRouteException should mask sensitive information in uris --- .../org/apache/camel/FailedToCreateRouteException.java | 5 +++++ .../camel/model/StartingRoutesErrorReportedTest.java | 16 ++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/camel-core/src/main/java/org/apache/camel/FailedToCreateRouteException.java b/camel-core/src/main/java/org/apache/camel/FailedToCreateRouteException.java index 639384c..00599b3 100644 --- a/camel-core/src/main/java/org/apache/camel/FailedToCreateRouteException.java +++ b/camel-core/src/main/java/org/apache/camel/FailedToCreateRouteException.java @@ -16,6 +16,8 @@ */ package org.apache.camel; +import org.apache.camel.util.URISupport; + /** * Exception when failing to create a {@link org.apache.camel.Route}. * @@ -48,6 +50,9 @@ public class FailedToCreateRouteException extends CamelException { } protected static String getRouteMessage(String route) { + // ensure to sanitize uri's in the route so we do not show sensitive information such as passwords + route = URISupport.sanitizeUri(route); + // cut the route after 60 chars so it won't be too big in the message // users just need to be able to identify the route so they know where to look if (route.length() > 60) { diff --git a/camel-core/src/test/java/org/apache/camel/model/StartingRoutesErrorReportedTest.java b/camel-core/src/test/java/org/apache/camel/model/StartingRoutesErrorReportedTest.java index e9beb08..11fcdd1 100644 --- a/camel-core/src/test/java/org/apache/camel/model/StartingRoutesErrorReportedTest.java +++ b/camel-core/src/test/java/org/apache/camel/model/StartingRoutesErrorReportedTest.java @@ -56,6 +56,22 @@ public class StartingRoutesErrorReportedTest extends ContextTestSupport { } } + public void testMaskPassword() throws Exception { + try { + context.addRoutes(new RouteBuilder() { + @Override + public void configure() throws Exception { + from("stub:foo?password=secret&beer=yes").routeId("route2").to("direct:result?foo=bar"); + } + }); + context.start(); + fail(); + } catch (FailedToCreateRouteException e) { + assertTrue(e.getMessage().startsWith("Failed to create route route2 at: >>> To[direct:result?foo=bar] <<< in route:" + + " Route(route2)[[From[stub:foo?password=xxxxxx&beer=yes]] -> [... because of")); + } + } + public void testInvalidBean() throws Exception { try { context.addRoutes(new RouteBuilder() { -- To stop receiving notification emails like this one, please contact davscl...@apache.org.