Skip to content

spring.data.mongodb.uri with credentials is exposed by /configprops endpoint #6903

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Dichotomia opened this issue Sep 16, 2016 · 1 comment
Closed

spring.data.mongodb.uri with credentials is exposed by /configprops endpoint #6903

Dichotomia opened this issue Sep 16, 2016 · 1 comment
Labels
status: duplicate A duplicate of another issue

Comments

@Dichotomia
Copy link
Contributor

Dichotomia commented Sep 16, 2016
edited
Loading

The property to configure the access to MongoDB (spring.data.mongodb.uri) contains login and password.

I think it could be a good idea to mask the login and the password (or the entire uri) because it contains confidential information.

I know we can create a custom mask endpoints.configprops.keys-to-sanitize property, but in that case it could be a default behavior.
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Sep 16, 2016
@snicoll
Copy link
Member

snicoll commented Sep 16, 2016

Duplicates #6876

@snicoll snicoll closed this as completed Sep 16, 2016
@snicoll snicoll added status: duplicate A duplicate of another issue and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 16, 2016
@shakuzen shakuzen mentioned this issue Feb 14, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: duplicate A duplicate of another issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@snicoll @Dichotomia @spring-projects-issues