Hi Adesina, Feel free to provide a PR on GitHub ;-)
Gary On Wed, Jun 2, 2021, 06:21 abiyi2004 <[email protected]> wrote: > Good day, > It is great news that commons dbcp version 2.9.0 is imminent. > As known, connection URL can also contain credentials via a format like so: > > jdbc:oracle:thin:[<user>/<password>]@<host>[:<port>]:<SID>or > > jdbc:mysql://myhost1:3306/db_name?user=root&password=mypass > For a more robust sensitive information exposure protection, does it not > make sense to scrub url of possible username/password data before appending > the url in the toString() method, say, in class DriverAdapterCPDS? > > Regards, > Adesina >
