swagger-api/swagger-codegen
Voir sur GitHubpassword in toString in generated model
Open
#2 662 ouverte le 20 avr. 2016
Enhancement: Generalhelp wanted
Métriques du dépôt
- Stars
- (12 701 stars)
- Métriques de merge PR
- (Aucune PR mergée en 30 j)
Description
When using format "password", e.g.
credentials:
type: object
properties:
username:
type: string
password:
type: string
format: password
required:
- username
- password
the field "password" is contained in the toString method of the generated model class.
In my opinion, that's a security issue (you don't want client passwords appearing in log files etc.)
Would it make sense to change the corresponding line in toString to:
sb.append(" password: ").append("<protected>").append("\n");
whenever the format "password" is used?