You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2018/05/04 07:28:00 UTC

[jira] [Updated] (CAMEL-12480) HttpOperationFailedException exposes password when using basic auth with user:password@host notation

     [ https://issues.apache.org/jira/browse/CAMEL-12480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Claus Ibsen updated CAMEL-12480:
--------------------------------
    Fix Version/s: 2.22.0
                   2.21.2
                   2.20.4

> HttpOperationFailedException exposes password when using basic auth with user:password@host notation
> ----------------------------------------------------------------------------------------------------
>
>                 Key: CAMEL-12480
>                 URL: https://issues.apache.org/jira/browse/CAMEL-12480
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-http-common
>    Affects Versions: 2.21.0
>            Reporter: Pascal Schumacher
>            Priority: Minor
>             Fix For: 2.20.4, 2.21.2, 2.22.0
>
>
> Simplified route:
> {code}
> from(inUri)
>             .toD("http4://user:password@host:port/path");
> {code}
> When a HttpOperationFailedException occurs the message contains the unmasked password e.g. "HTTP operation failed invoking http://user:password@host:port/path ..."
> I guess Camel should mask the password.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)