[NXDRIVE-1481] Do not disclose the token in logs - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 4.0.2
Fix Version/s: 4.0.3
Component/s: Logging, Security

Tags:
- nxDrive
Story Points:
0

Description

It is possible to read those kind of lines in the logs:

nxdrive://token/TOKEN/user/USER@SERVER

It is too dangerous and a security concern. Just remove it.

Attachments

Activity

People

Assignee:

Mickaël Schoentgen

Reporter:

Mickaël Schoentgen

Participants:

Jenkins, Mickaël Schoentgen

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

2018-12-21 16:08

Updated:

2020-07-31 11:32

Resolved:

2018-12-21 16:27

Time Tracking

Estimated:

Not Specified

Remaining:

0m

Logged:

1h