diff --git a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
index 50e453d95702..34b040ef8695 100644
--- a/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
+++ b/spring-boot-actuator/src/main/java/org/springframework/boot/actuate/endpoint/Sanitizer.java
@@ -36,7 +36,8 @@ class Sanitizer {
 	private Pattern[] keysToSanitize;
 
 	Sanitizer() {
-		this("password", "secret", "key", "token", ".*credentials.*", "vcap_services");
+		this("password", "secret", "key", "token", ".*credentials.*", "vcap_services",
+				"uri", "url");
 	}
 
 	Sanitizer(String... keysToSanitize) {
diff --git a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizerTests.java b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizerTests.java
index 7b36aee94871..bad375dfd580 100644
--- a/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizerTests.java
+++ b/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/SanitizerTests.java
@@ -38,6 +38,12 @@ public void defaults() throws Exception {
 		assertThat(sanitizer.sanitize("somekey", "secret")).isEqualTo("******");
 		assertThat(sanitizer.sanitize("token", "secret")).isEqualTo("******");
 		assertThat(sanitizer.sanitize("sometoken", "secret")).isEqualTo("******");
+		assertThat(sanitizer.sanitize("cloud.services.mysql.connection.uri",
+				"jdbc:mysql://mysql.example.com/ad_52e8338d0dd5336?user=bd06cab2b844bb&password=8626a3a4"))
+						.isEqualTo("******");
+		assertThat(sanitizer.sanitize("cloud.services.mysql.connection.jdbcurl",
+				"jdbc:mysql://mysql.example.com/ad_52e8338d0dd5336?user=bd06cab2b844bb&password=8626a3a4"))
+						.isEqualTo("******");
 		assertThat(sanitizer.sanitize("find", "secret")).isEqualTo("secret");
 	}