[ https://issues.apache.org/jira/browse/JCRVLT-175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tobias Bocanegra reassigned JCRVLT-175: --------------------------------------- Assignee: Tobias Bocanegra > Ensure RcpTask is clearing out sensitive data in toString statement > ------------------------------------------------------------------- > > Key: JCRVLT-175 > URL: https://issues.apache.org/jira/browse/JCRVLT-175 > Project: Jackrabbit FileVault > Issue Type: Improvement > Components: vlt > Affects Versions: 3.1.38 > Reporter: Alex COLLIGNON > Assignee: Tobias Bocanegra > Priority: Minor > Attachments: > 0001-Test-information-disclosure-in-debug-statement-toStr.patch, > 0002-Fix-information-disclosure-in-debug-statement-toStri.patch > > > It would nice to prevent {{RcpTask#toString()}} to display credentials that > might be provided as part of the URL > ({{//<user>:<password>@<host>:<port>/<url-path>}} [0]). > [0] https://www.ietf.org/rfc/rfc1738.txt -- This message was sent by Atlassian JIRA (v6.3.15#6346)