Invalid basic authentication credentials should not be logged

mesosphere / chaos

A lightweight framework for writing REST services in Scala.

Apache License 2.0

250 stars 36 forks source link

Invalid basic authentication credentials should not be logged #26

Closed swartzrock closed 9 years ago

swartzrock commented 9 years ago

Currently, if the "--http_credentials" parameter does not contain a colon char it will be logged, which may expose a password. This information should never be logged as part of reporting an invalid parameter.

kolloch commented 9 years ago

Was merged, right? @swartzrock

swartzrock commented 9 years ago

Yup fixed, thanks