Skip to content

Basic auth is exposed when Consul fails #464

Description

@ilawjr

Description:
Petasos exposed basic auth to consul in it's logs when the consul server went out of service. (gateway 502 error).

{
authorization: Basic [redacted]
device_id: [redacted]/config
error: Unexpected response code: 502 (

<title>502 Bad Gateway</title>

502 Bad Gateway


nginx/1.10.2 ) level: error msg: accessor failed to return an instance ts: 2020-03-10T18:13:07.133368323Z }

Expected:
Basic auth would be obfuscated.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions