You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2017/05/13 07:53:04 UTC

[jira] [Updated] (CAMEL-11269) URISupport sanitizeUri partial support for RAW()

     [ https://issues.apache.org/jira/browse/CAMEL-11269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Claus Ibsen updated CAMEL-11269:
--------------------------------
    Fix Version/s: 2.20.0
                   2.19.1
                   2.18.4

> URISupport sanitizeUri partial support for RAW()
> ------------------------------------------------
>
>                 Key: CAMEL-11269
>                 URL: https://issues.apache.org/jira/browse/CAMEL-11269
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-core
>    Affects Versions: 2.19.0
>            Reporter: Paolo Antinori
>            Assignee: Paolo Antinori
>             Fix For: 2.18.4, 2.19.1, 2.20.0
>
>
> The usage of {{&}} symbol in a password wrapped by {{RAW()}} function breaks the masking of the password.
> The result of this is a partial leak of the clear text password.
> See this example:
> {{password=RAW(abc&SUFFIX)}} is translated into {{password=xxxxxx&SUFFIX}}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)