[
https://issues.apache.org/jira/browse/OFBIZ-9310?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15968931#comment-15968931 ]
Aditya Sharma commented on OFBIZ-9310:
--------------------------------------
Thanks Jacques :)
> On setting verbose true, UtilHttp.getParameterMap() method prints username and password in logs
> -----------------------------------------------------------------------------------------------
>
> Key: OFBIZ-9310
> URL:
https://issues.apache.org/jira/browse/OFBIZ-9310> Project: OFBiz
> Issue Type: Sub-task
> Reporter: Aditya Sharma
> Assignee: Jacques Le Roux
> Fix For: Release Branch 14.12, Release Branch 15.12, Upcoming Release, 16.11.02
>
> Attachments: OFBIZ-9310.patch
>
>
> In UtilHttp.getParameterMap(HttpServletRequest request, Set<? extends String> nameSet, Boolean onlyIncludeOrSkip) method, following line of code prints username and password in logs when verbose is set to true.
> if (Debug.verboseOn()) {
> Debug.logVerbose("Made Request Parameter Map with [" + paramMap.size() + "] Entries", module);
> Debug.logVerbose("Request Parameter Map Entries: " + System.getProperty("line.separator") + UtilMisc.printMap(paramMap), module);
> }
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
Locked
