Skip to content

Commit

Permalink
Merge pull request #5553 from ddiroma/40130
Browse files Browse the repository at this point in the history
[BACKLOG-40130] Import/Export utility - user creds are not being supp…
  • Loading branch information
ddiroma authored Mar 6, 2024
2 parents 28ee973 + 1aa2bba commit 8aa4049
Showing 1 changed file with 1 addition and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -35,15 +35,7 @@ public class FilteredAccessLogValve extends AccessLogValve {
public void log( CharArrayWriter message ) {
try ( CharArrayWriter caw = new CharArrayWriter() ) {
// Mask the user password
String tempString = message.toString();
if ( tempString.contains( "/pentaho/api/csrf" ) || tempString.contains( "/pentaho/api/repo/files/backup" ) ) {
tempString = tempString.replaceAll( "\\?userid[^&]+%26", "" );
tempString = tempString.replaceAll( "\\?userid[^&]+", "" );
tempString = tempString.replaceAll( "password[^&]+%26", "" );
tempString = tempString.replaceAll( "\\&password[^&]+", "" );
}
tempString = tempString.replaceAll( "j_password=[^&^ ]*", "j_password=***" );
caw.write( tempString );
caw.write( message.toString().replaceAll( "j_password=[^&^ ]*", "j_password=***" ) );
super.log( caw );
} catch ( IOException e ) {
e.printStackTrace();
Expand Down

0 comments on commit 8aa4049

Please sign in to comment.