summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJesse Wilson <jessewilson@google.com>2010-10-14 16:22:33 -0700
committerAndroid Git Automerger <android-git-automerger@android.com>2010-10-14 16:22:33 -0700
commitd5b79c970e9c5cb22603663d8fcb0c5e49dd4371 (patch)
tree62a234876563ce7cb6de7909437dee068639e40a
parentbd6d112761d852a26b345521e66479c55f4aec6f (diff)
parent9f7b511f4ac753992e9b726c41f7aec71092c15c (diff)
downloadexternal_apache-http-d5b79c970e9c5cb22603663d8fcb0c5e49dd4371.zip
external_apache-http-d5b79c970e9c5cb22603663d8fcb0c5e49dd4371.tar.gz
external_apache-http-d5b79c970e9c5cb22603663d8fcb0c5e49dd4371.tar.bz2
am 9f7b511f: Don\'t leak sensitive information when logging cookies.
Merge commit '9f7b511f4ac753992e9b726c41f7aec71092c15c' into gingerbread-plus-aosp * commit '9f7b511f4ac753992e9b726c41f7aec71092c15c': Don't leak sensitive information when logging cookies.
-rw-r--r--src/org/apache/http/client/protocol/ResponseProcessCookies.java24
1 files changed, 21 insertions, 3 deletions
diff --git a/src/org/apache/http/client/protocol/ResponseProcessCookies.java b/src/org/apache/http/client/protocol/ResponseProcessCookies.java
index 0689e93..5b76550 100644
--- a/src/org/apache/http/client/protocol/ResponseProcessCookies.java
+++ b/src/org/apache/http/client/protocol/ResponseProcessCookies.java
@@ -124,13 +124,17 @@ public class ResponseProcessCookies implements HttpResponseInterceptor {
cookieStore.addCookie(cookie);
if (this.log.isDebugEnabled()) {
+ // BEGIN android-changed
this.log.debug("Cookie accepted: \""
- + cookie + "\". ");
+ + cookieToString(cookie) + "\". ");
+ // END android-changed
}
} catch (MalformedCookieException ex) {
if (this.log.isWarnEnabled()) {
+ // BEGIN android-changed
this.log.warn("Cookie rejected: \""
- + cookie + "\". " + ex.getMessage());
+ + cookieToString(cookie) + "\". " + ex.getMessage());
+ // END android-changed
}
}
}
@@ -142,5 +146,19 @@ public class ResponseProcessCookies implements HttpResponseInterceptor {
}
}
}
-
+
+ // BEGIN android-added
+ /**
+ * Don't log the cookie's value; that's potentially sensitive information.
+ */
+ private String cookieToString(Cookie cookie) {
+ return cookie.getClass().getSimpleName()
+ + "[version=" + cookie.getVersion()
+ + ",name=" + cookie.getName()
+ + ",domain=" + cookie.getDomain()
+ + ",path=" + cookie.getPath()
+ + ",expiry=" + cookie.getExpiryDate()
+ + "]";
+ }
+ // END android-added
}