Uploaded image for project: 'Nuxeo Drive '
  1. Nuxeo Drive
  2. NXDRIVE-1556

Display a warning when activating DEBUG logs about sensitive data

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 4.0.4
    • Fix Version/s: 4.1.0
    • Component/s: Logging

      Description

      When enabling the logging at the DEBUG or TRACE levels, the token may be displayed in the logs.

      This is not a security issue, because we are logging all HTTP calls and responses which may include the token.

      The token can be found in the URL, the HTTP headers or cookies.

      The goal is to log a warning about such potential security issues and also display a colored text below the "Generate a report".

        Attachments

          Issue Links

          is related to

          Clean up - NXDRIVE-2610 Remove the obsolete TRACE logging level

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day
                  1d