Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] CosmosClientBuilder.buildClient() logs the cosmosdb URI #17885

Closed
sushilkm opened this issue Nov 30, 2020 · 3 comments
Closed

[BUG] CosmosClientBuilder.buildClient() logs the cosmosdb URI #17885

sushilkm opened this issue Nov 30, 2020 · 3 comments
Labels
Client This issue points to a problem in the data-plane of the library. Cosmos Security

Comments

@sushilkm
Copy link

A lot of users deem this to be an unsecure practice to print the resources' name and URIs.
When creating the cosmosdbclient, it prints the cosmosdb URI in the logs.

This behavior should be updated to not print any sensitive information like cosmosdb-name/uri to stop the sensitive information leaking in the logs\ for user security.
@ghost ghost added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Nov 30, 2020
@ghost
Copy link

ghost commented Nov 30, 2020

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @kushagraThapar, @anfeldma-ms

@joshfree joshfree added Client This issue points to a problem in the data-plane of the library. Cosmos Security labels Dec 2, 2020
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Dec 2, 2020
@kushagraThapar
Copy link
Member

@sushilkm - thanks for filing this issue, however, since URI is not sensitive, as it can be viewed in portal as well. Also, it is present in the CosmosDiagnostics.

@in-fke in-fke mentioned this issue Mar 5, 2021
Closed
@kushagraThapar
Copy link
Member

Closing this issue.

openapi-sdkautomation bot pushed a commit to AzureSDKAutomation/azure-sdk-for-java that referenced this issue Feb 17, 2022
CodeGen from PR 17885 in Azure/azure-rest-api-specs
f5dc89e 
Use AuthConfig instead of EasyAuth for all public API/Document (Azure#17885)
@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Client This issue points to a problem in the data-plane of the library. Cosmos Security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joshfree @sushilkm @kushagraThapar