swagger-api/swagger-codegen
Auf GitHub ansehenpassword in toString in generated model
Open
#2.662 geöffnet am 20. Apr. 2016
Enhancement: Generalhelp wanted
Repository-Metriken
- Stars
- (12.701 Stars)
- PR-Merge-Metriken
- (Keine gemergten PRs in 30 T)
Beschreibung
When using format "password", e.g.
credentials:
type: object
properties:
username:
type: string
password:
type: string
format: password
required:
- username
- password
the field "password" is contained in the toString method of the generated model class.
In my opinion, that's a security issue (you don't want client passwords appearing in log files etc.)
Would it make sense to change the corresponding line in toString to:
sb.append(" password: ").append("<protected>").append("\n");
whenever the format "password" is used?