Skip to content
This repository was archived by the owner on Dec 3, 2024. It is now read-only.

https://github.com/ConsenSys/orchestrate-priv/issues/939 #17

Open
ggarri opened this issue Jun 28, 2022 · 0 comments
Open

https://github.com/ConsenSys/orchestrate-priv/issues/939 #17

ggarri opened this issue Jun 28, 2022 · 0 comments

Comments

@ggarri
Copy link
Collaborator

ggarri commented Jun 28, 2022

When a chain registration fails, http basic Auth information is leaked in the logs.

{"@timestamp":"2022-03-31T15:24:49Z","chain_name":"besu_0-X0mac","error":"08000@: Post "http://user1:***@besu2.ops.consensys.net\": dial tcp: lookup besu2.ops.consensys.net on 10.100.0.10:53: no such host","log.level":"error","message":"(use-cases.register-chain): failed to fetch chain id","url":"http://user1:[email protected]"}

here the value "secret" is hidden in the connexion string but displayed in logs url.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ggarri