diff options
author | Jesse Wilson <jessewilson@google.com> | 2010-10-14 15:19:31 -0700 |
---|---|---|
committer | Jesse Wilson <jessewilson@google.com> | 2010-10-14 15:24:07 -0700 |
commit | 9f7b511f4ac753992e9b726c41f7aec71092c15c (patch) | |
tree | 62a234876563ce7cb6de7909437dee068639e40a | |
parent | 8232105ef86740b2fddce9e9477aa16a450ee8a8 (diff) | |
download | external_apache-http-9f7b511f4ac753992e9b726c41f7aec71092c15c.zip external_apache-http-9f7b511f4ac753992e9b726c41f7aec71092c15c.tar.gz external_apache-http-9f7b511f4ac753992e9b726c41f7aec71092c15c.tar.bz2 |
Don't leak sensitive information when logging cookies.
Change-Id: Id3a171f588fb545e14188e69e7bf6f2d4ef25b5c
http://b/3095990
-rw-r--r-- | src/org/apache/http/client/protocol/ResponseProcessCookies.java | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/org/apache/http/client/protocol/ResponseProcessCookies.java b/src/org/apache/http/client/protocol/ResponseProcessCookies.java index 0689e93..5b76550 100644 --- a/src/org/apache/http/client/protocol/ResponseProcessCookies.java +++ b/src/org/apache/http/client/protocol/ResponseProcessCookies.java @@ -124,13 +124,17 @@ public class ResponseProcessCookies implements HttpResponseInterceptor { cookieStore.addCookie(cookie); if (this.log.isDebugEnabled()) { + // BEGIN android-changed this.log.debug("Cookie accepted: \"" - + cookie + "\". "); + + cookieToString(cookie) + "\". "); + // END android-changed } } catch (MalformedCookieException ex) { if (this.log.isWarnEnabled()) { + // BEGIN android-changed this.log.warn("Cookie rejected: \"" - + cookie + "\". " + ex.getMessage()); + + cookieToString(cookie) + "\". " + ex.getMessage()); + // END android-changed } } } @@ -142,5 +146,19 @@ public class ResponseProcessCookies implements HttpResponseInterceptor { } } } - + + // BEGIN android-added + /** + * Don't log the cookie's value; that's potentially sensitive information. + */ + private String cookieToString(Cookie cookie) { + return cookie.getClass().getSimpleName() + + "[version=" + cookie.getVersion() + + ",name=" + cookie.getName() + + ",domain=" + cookie.getDomain() + + ",path=" + cookie.getPath() + + ",expiry=" + cookie.getExpiryDate() + + "]"; + } + // END android-added } |