GitHub user mikewallace1979 opened a pull request:
https://github.com/apache/couchdb-couch-replicator/pull/25
Avoid logging creds on couch_replicator termination
When couch_replicator terminates with an error we log the #rep
record which can contain credentials for the source or target
of a replication, either in the url directly or in an Authorization
header.
This commit adds a function to strip credentials from the #httpdb
records in the #rep record and replace them with ****.
Specifically this concerns the url and headers fields of the
#rep.source and #rep.target #httpdb records.
Closes COUCHDB-2949
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/mikewallace1979/couchdb-couch-replicator
2949-avoid-logging-creds-on-couch_replicator-termination
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/couchdb-couch-replicator/pull/25.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #25
----
commit b6913a16eb67057d79b7b373d31fd95d015f7f18
Author: Mike Wallace <[email protected]>
Date: 2016-02-10T14:59:50Z
Avoid logging creds on couch_replicator termination
When couch_replicator terminates with an error we log the #rep
record which can contain credentials for the source or target
of a replication, either in the url directly or in an Authorization
header.
This commit adds a function to strip credentials from the #httpdb
records in the #rep record and replace them with ****.
Specifically this concerns the url and headers fields of the
#rep.source and #rep.target #httpdb records.
Closes COUCHDB-2949
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
