Closed danspark closed 1 year ago
I agree. What about something like
String.Join(',', cnnString.Split(',').Where(x=> !x.Contains("password", StringComparison.InvariantCultureIgnoreCase)))
?
The configuration is parsed when the storage is constructed, maybe it would be better to store it and replace ConnectionString
with redisOptions.ToString(includePassword: false)
.
Since you agree, I'm opening a PR with that change.
Any progress on this issue? @danspark I can't seem to find the mentioned PR.
Hello @marcoCasamento, I opened a PR fixing this issue. Could you review it? https://github.com/marcoCasamento/Hangfire.Redis.StackExchange/pull/116
@marcoCasamento Should this issue be closed now?
Absolutely. It has been merged and as far as I remember, tested.
This causes the full connection string to be logged when the server is being started:
Starting Hangfire Server using job storage: 'redis://host.docker.internal:6379/0'
If there is a password in the connection string, it is not filtered and it will be logged.
I don't know if there's a reason for logging it, but if there isn't, another field can be used, or the password can be filtered out.