Fincer
/
java-bookstore
mirror of https://github.com/Fincer/java-bookstore
1
0
Fork 0
Code Issues 0 Releases 4 Wiki Activity
Browse Source

Also exclude 'password' from server log entries 

Signed-off-by: Pekka Helenius <fincer89@hotmail.com>
v0.0.4-alpha
Pekka Helenius 4 years ago
parent
4f65b9d93b
commit
cf16711291
1 changed files with 7 additions and 3 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +7
    -3
      bookstore/src/main/java/com/fjordtek/bookstore/service/HttpServerLogger.java

+ 7
- 3
bookstore/src/main/java/com/fjordtek/bookstore/service/HttpServerLogger.java View File

@ -3,6 +3,7 @@
package com.fjordtek.bookstore.service; package com.fjordtek.bookstore.service;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.List; import java.util.List;
@ -42,12 +43,15 @@ public class HttpServerLogger {
if (requestParamNames != null) { if (requestParamNames != null) {
while (requestParamNames.hasMoreElements()) { while (requestParamNames.hasMoreElements()) {
String paramName = requestParamNames.nextElement().toString();
String paramName = requestParamNames.nextElement().toString();
/* /*
* Do not log CSRF tokens
* Do not include specific keywords to log entries
* (use method reference operator)
*/ */
if (paramName.contains("csrf")) continue;
String[] excludeKeywords = {"csrf", "password"};
if (Arrays.stream(excludeKeywords).anyMatch(paramName::contains)) continue;
String[] paramValues = request.getParameterValues(paramName); String[] paramValues = request.getParameterValues(paramName);


Write Preview
Loading…
Cancel
Save