swagger-api/swagger-codegen
Ver no GitHubpassword in toString in generated model
Open
#2.662 aberto em 20 de abr. de 2016
Enhancement: Generalhelp wanted
Métricas do repositório
- Stars
- (12.701 stars)
- Métricas de merge de PR
- (Nenhuma PRs mesclada em 30d)
Description
When using format "password", e.g.
credentials:
type: object
properties:
username:
type: string
password:
type: string
format: password
required:
- username
- password
the field "password" is contained in the toString method of the generated model class.
In my opinion, that's a security issue (you don't want client passwords appearing in log files etc.)
Would it make sense to change the corresponding line in toString to:
sb.append(" password: ").append("<protected>").append("\n");
whenever the format "password" is used?