Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

URLs which contain password is leaked in debug logs. #137

Open
mashhurs opened this issue Dec 14, 2022 · 0 comments
Open

URLs which contain password is leaked in debug logs. #137

mashhurs opened this issue Dec 14, 2022 · 0 comments
Assignees
@mashhurs
Labels
bug status:needs-triage

Comments

@mashhurs
Copy link

Issue description

There are mainly two issues with the plugin:

  • When Logstash registers the plugin with its configs, configs which contain passwords (in this case urls) are seen in the debug logs.
  • when preparing requests, we are logging in the logic which password is leaked. Details: URL with password are show in the log and STDOUT #81

Expectation

URLs should be in a way of securing the sensitive data so that it shouldn't allow sensitive data to print.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mashhurs mashhurs

Labels
bug status:needs-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mashhurs