Issue #3822: Don't log Negotiate or cookies - freeipa

freeipa

#3822 Don't log Negotiate or cookies

Opened 10 years ago by rcritten. Modified 7 years ago

The client installer log may log the full Kerberos Negotiate header and Set-Cookie output. This in itself isn't a huge problem, but if this log is posted to a public list there is some amount of exposure to the poster.

These values are not exactly critical for someone troubleshooting an install failure so we should obfuscate these values.

Metadata Update from @rcritten:
- Issue assigned to someone
- Issue set to the milestone: Future Releases

7 years ago

Metadata

Assignee

someone

Tags

None

Blocking

None

Depending on

None

Priority

low

Milestone

Future Releases

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#3822 Don't log Negotiate or cookies Opened 10 years ago by rcritten. Modified 7 years ago

Close issue as:

Metadata

#3822 Don't log Negotiate or cookies

Opened 10 years ago by rcritten. Modified 7 years ago