linuxserver / docker-unifi-network-application

GNU General Public License v3.0

[BUG-SECURITY ISSUE] DB user/pass in plaintext in server.log #34

Closed nodiaque closed 7 months ago

nodiaque commented 7 months ago

Is there an existing issue for this?

Current Behavior

Hello,

When you open server.log, the full connection string http://user:pass@mongodb is written multiple times in plaintext. At least the password should be scrubbed.

Expected Behavior

Password to be scrubbed in logs unless debug mode is enabled, with a warning saying it's dumping the password in plaintext.

Steps To Reproduce

Check server.log

Environment

- OS: unraid 6.12.4
- How docker service was installed:
Unraid apps

CPU architecture

x86-64

Docker creation

unraid apps

Container logs

no need

github-actions[bot] commented 7 months ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.

aptalca commented 7 months ago

Isn't that unifi's log? If so, we don't control that and it should be reported upstream.

nodiaque commented 7 months ago

You are right, I see the older one was doing it also using the internal database of mongodb. I'll send that to unifi then!
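
An added example, not part of the original thread and not code from linuxserver or UniFi: a Python audit that finds `scheme://user:password@host` connection strings like the one reported above in log lines and masks the password. The sample log lines, function names and mask string are constructed for illustration; the real server.log format is not shown on this page.

```python
import re

# scheme://user:password@ ; the password match is greedy up to the LAST '@'
# before a '/' or whitespace, so a password that itself contains '@' is
# masked in full instead of leaking its tail.
_URI_CREDS = re.compile(
    r"(?P<scheme>[A-Za-z][A-Za-z0-9+.\-]*://)"
    r"(?P<user>[^\s:/@]+)"
    r":(?P<password>[^\s/]+)"
    r"@"
)

# Constructed sample lines (hypothetical format, not copied from a real server.log).
SAMPLE_LOG = [
    "[2024-01-01T10:00:00] INFO  db - connecting to mongodb://unifi:S3cr3tPass@unifi-db:27017/unifi",
    "[2024-01-01T10:00:01] INFO  system - startup complete",
    "[2024-01-01T10:00:02] WARN  db - retrying http://user:pass@mongodb",
    "[2024-01-01T10:00:03] INFO  web - listening on https://0.0.0.0:8443/",
]


def scrub_line(line, mask="****"):
    """Return (scrubbed_line, count) with every URI password replaced by mask."""
    return _URI_CREDS.subn(
        lambda m: f"{m['scheme']}{m['user']}:{mask}@", line
    )


def audit_log(lines):
    """Return [(line_number, scrubbed_line)] for lines that exposed a password.

    Only the scrubbed form is returned, so the audit report itself does not
    become a second copy of the secret.
    """
    findings = []
    for number, line in enumerate(lines, 1):
        scrubbed, hits = scrub_line(line.rstrip("\n"))
        if hits:
            findings.append((number, scrubbed))
    return findings


if __name__ == "__main__":
    for number, scrubbed in audit_log(SAMPLE_LOG):
        print(f"line {number}: credential in URI -> {scrubbed}")
```

Scrubbing after the fact only limits exposure in copies of the log that are shared or shipped elsewhere; a password that has already been written to disk in plaintext should be treated as exposed and rotated.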