Skip to content

Added filter to remove sensitive application attributes from logging. #102

Merged
merged 2 commits into from Jan 25, 2014

4 participants

@mheath
mheath commented Jan 16, 2014

The services, environment, and request_uri attributes may all contain passwords and should not be logged.

@MarkKropf
Cloud Foundry member

@mheath I've created a story and prioritized it, thank you: https://www.pivotaltracker.com/story/show/64435730

@ematpl
Cloud Foundry member
ematpl commented Jan 24, 2014

Hi, @mheath ,

We noticed some inconsistency between the code and the spec: in particular, the spec looks for the request_uri field to be filtered out, but the code itself filters out droplet_uri. That seems like it might be a typo in the spec, but just wanted to verify what seems like an inconsistency.

Thanks, @ematpl and @kbkelly

@mheath
mheath commented Jan 24, 2014

You're absolutely right. I updated the PR to test for the droplet_uri field which is the correct name of the attribute that needs to be filtered.

@cf-runtime cf-runtime merged commit 480321d into cloudfoundry:master Jan 25, 2014

1 check passed

Details default The Travis CI build passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.