You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the issue
The commit cd0b555 introduced the property logServerErrorDetail to prevent logging of sensitive server errors such as statements with embedded keys etc.
However, when the BatchResultHandler converts PSQLExceptions to BatchUpdateExceptions this will still leak sensitive sql, which may contain keys, passwords, PII, or similar to logs.
Driver Version?
42.2.20
Java Version?
11
OS Version?
Windows
PostgreSQL Version?
12
To Reproduce
force a constraintviolationexception such as duplicate index. When done in a batch this will expose a BatchUpdateException which will contain the full statement along with all parameters to the sql.
Expected behaviour
BatchUpdateException should not expose server errors when logServerErrorDetail is set to false (default is already true)
Logs
n/a
The text was updated successfully, but these errors were encountered:
I'm submitting a ...
Describe the issue
The commit cd0b555 introduced the property logServerErrorDetail to prevent logging of sensitive server errors such as statements with embedded keys etc.
However, when the BatchResultHandler converts PSQLExceptions to BatchUpdateExceptions this will still leak sensitive sql, which may contain keys, passwords, PII, or similar to logs.
Driver Version?
42.2.20
Java Version?
11
OS Version?
Windows
PostgreSQL Version?
12
To Reproduce
force a constraintviolationexception such as duplicate index. When done in a batch this will expose a BatchUpdateException which will contain the full statement along with all parameters to the sql.
Expected behaviour
BatchUpdateException should not expose server errors when logServerErrorDetail is set to false (default is already true)
Logs
n/a
The text was updated successfully, but these errors were encountered: