pa11y / pa11y-dashboard

Pa11y Dashboard is a web interface which helps you monitor the accessibility of your websites
https://pa11y.org
GNU General Public License v3.0

Database connection string gets logged on startup - including password #273

Closed MontyD closed 3 years ago

MontyD commented 3 years ago

Hello! Thanks for all your work on this project.

I've noticed that when the dashboard starts, the mongo connection string is logged. When connecting to a mongo instance using username and password (e.g. mongodb://username:password@localhost/test) this means that the username and password are also logged.

Could the log line be removed, or perhaps just the database host name be logged instead?

To reproduce:

Run a mongo instance that requires an authenticated user for connection, and then connect to it using the mongo connection string:

WEBSERVICE_DATABASE=mongodb://username:password@mongo/test npm start

See that the username and password are logged on startup.

josebolos commented 3 years ago

Hi @MontyD,

Thanks a lot for reporting the issue. You're right that the username and password shouldn't be logged there. We'll try to have a look at it asap.

josebolos commented 3 years ago

This has now been fixed in v3.2.1 of pa11y-webservice. Pa11y-dashboard v3.3.0 should pick up the latest version of webservice including the fix.

Thanks again for creating the issue!
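
One way to log only the database host, as the issue asks, is to strip credentials and options from the connection string before it reaches the logger. This is an added example, not part of the thread and not the fix shipped in pa11y-webservice; `describeMongoTarget`, `PLACEHOLDER` and `HOST_PATTERN` are hypothetical names, and the sample string is the one from the report.

```javascript
// Added example: build a log-safe description of a MongoDB connection string.
const PLACEHOLDER = '[unparseable database connection string]';
// Characters expected in a host[:port] entry (IPv6 brackets and
// percent-encoded socket paths included). Anything else is never logged.
const HOST_PATTERN = /^[A-Za-z0-9._\-\[\]:%]+$/;
const DATABASE_PATTERN = /^[A-Za-z0-9._\-%]*$/;

function describeMongoTarget(connectionString) {
  const input = String(connectionString).trim();
  // '.' does not match newlines, so multi-line input is rejected here,
  // which also keeps injected line breaks out of the log.
  const match = /^(mongodb(?:\+srv)?):\/\/(.+)$/.exec(input);
  if (!match) {
    return PLACEHOLDER;
  }
  const [, scheme, rest] = match;
  // Drop everything up to the LAST '@' in the whole string, so a password
  // containing an unescaped ':', '/', '?' or '@' cannot survive in the output.
  const afterCredentials = rest.slice(rest.lastIndexOf('@') + 1);
  // Query options are dropped too: they can carry authentication settings.
  const [hostList, ...pathParts] = afterCredentials.split('?')[0].split('/');
  const hosts = hostList.split(',');
  const database = pathParts.join('/');
  // Fail closed: if any part looks unusual, log the placeholder instead.
  if (!hosts.every((host) => HOST_PATTERN.test(host)) ||
      !DATABASE_PATTERN.test(database)) {
    return PLACEHOLDER;
  }
  return `${scheme}://${hosts.join(',')}${database ? '/' + database : ''}`;
}

// Startup log line using the connection string from the report.
console.log('Database target: ' +
  describeMongoTarget('mongodb://username:password@mongo/test'));
```

The function prefers returning the placeholder over a best-effort parse, so a malformed or unexpected string results in less being logged rather than more.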