From 8e12da6afd8678927d9037f66c183cc08e2246a1 Mon Sep 17 00:00:00 2001 From: GauravM Date: Mon, 26 Feb 2024 11:15:44 +0530 Subject: [PATCH] [FIX] sanitize connection.uri for mongo --- .../com/provectus/kafka/ui/service/KafkaConfigSanitizer.java | 3 ++- .../provectus/kafka/ui/service/KafkaConfigSanitizerTest.java | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/KafkaConfigSanitizer.java b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/KafkaConfigSanitizer.java index b4cdf144c9f..b924482d2c6 100644 --- a/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/KafkaConfigSanitizer.java +++ b/kafka-ui-api/src/main/java/com/provectus/kafka/ui/service/KafkaConfigSanitizer.java @@ -30,7 +30,8 @@ class KafkaConfigSanitizer { .add( "basic.auth.user.info", /* For Schema Registry credentials */ "password", "secret", "token", "key", ".*credentials.*", /* General credential patterns */ - "aws.access.*", "aws.secret.*", "aws.session.*" /* AWS-related credential patterns */ + "aws.access.*", "aws.secret.*", "aws.session.*", /* AWS-related credential patterns */ + "connection.uri" /* mongo credential patterns */ ) .build(); diff --git a/kafka-ui-api/src/test/java/com/provectus/kafka/ui/service/KafkaConfigSanitizerTest.java b/kafka-ui-api/src/test/java/com/provectus/kafka/ui/service/KafkaConfigSanitizerTest.java index 9cab6b2f13f..689ee56dcca 100644 --- a/kafka-ui-api/src/test/java/com/provectus/kafka/ui/service/KafkaConfigSanitizerTest.java +++ b/kafka-ui-api/src/test/java/com/provectus/kafka/ui/service/KafkaConfigSanitizerTest.java @@ -34,6 +34,9 @@ void obfuscateCredentials() { assertThat(sanitizer.sanitize("aws.secret.access.key", "secret")).isEqualTo("******"); assertThat(sanitizer.sanitize("aws.secretAccessKey", "secret")).isEqualTo("******"); assertThat(sanitizer.sanitize("aws.sessionToken", "secret")).isEqualTo("******"); + + //Mongo var sanitizing + assertThat(sanitizer.sanitize("connection.uri", "secret")).isEqualTo("******"); } @Test