Skip to content

Commit

Permalink
Merge pull request #20 from privacybydesign/fix/avoid-logging-of-pers…
Browse files Browse the repository at this point in the history 
…onal-data-in-error-message

Fix: Do not log personal data in log messages
  • Loading branch information
@ivard
ivard authored Jul 14, 2022
2 parents cb9eb98 + 030c92e commit e6803dc
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 6 deletions.
10 changes: 5 additions & 5 deletions src/main/java/foundation/privacybydesign/email/EmailRestApi.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ public Response sendEmail(@FormParam("email") String email,

// We only accept lowercase email addresses.
if (!email.equals(email.toLowerCase())) {
logger.error("Address contains uppercase characters: {}", email);
logger.error("Address contains uppercase characters");
return Response.status(Response.Status.BAD_REQUEST).entity(ERR_ADDRESS_MALFORMED).build();
}

Expand All @@ -74,7 +74,7 @@ public Response sendEmail(@FormParam("email") String email,
url
);
} catch (AddressException e) {
logger.error("Invalid address: {}: {}", email, e.getMessage());
logger.error("Invalid address: {}", e.getMessage());
return Response.status(Response.Status.BAD_REQUEST).entity(ERR_ADDRESS_MALFORMED).build();
} catch (UnsupportedEncodingException e) {
logger.error("Invalid return URL: {}: {}", client.getReturnURL(), e.getMessage());
Expand All @@ -100,7 +100,7 @@ public Response sendEmailToken(@FormParam("email") String emailAddress,

// We only accept lowercase email addresses.
if (!emailAddress.equals(emailAddress.toLowerCase())) {
logger.error("Address contains uppercase characters: {}", emailAddress);
logger.error("Address contains uppercase characters");
return Response.status(Response.Status.BAD_REQUEST).entity(ERR_ADDRESS_MALFORMED).build();
}

Expand All @@ -125,7 +125,7 @@ public Response sendEmailToken(@FormParam("email") String emailAddress,
conf.getServerURL(language) + "#verify-email/" + token
);
} catch (AddressException e) {
logger.error("Invalid address: {}: {}", emailAddress, e.getMessage());
logger.error("Invalid address: {}", e.getMessage());
return Response.status(Response.Status.BAD_REQUEST).entity
(ERR_ADDRESS_MALFORMED).build();
}
Expand Down Expand Up @@ -156,7 +156,7 @@ public Response verifyEmailToken(@FormParam("token") String token) throws KeyMan
}
String[] emailParts = emailAddress.split("@");
if (emailParts.length != 2) {
logger.error("Invalid address: {}", emailAddress);
logger.error("Invalid address");
return Response.status(Response.Status.BAD_REQUEST).entity
(ERR_ADDRESS_MALFORMED).build();
}
Expand Down
2 changes: 1 addition & 1 deletion src/main/java/foundation/privacybydesign/email/EmailSender.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ protected PasswordAuthentication getPasswordAuthentication() {
}
Transport.send(message);
} catch (MessagingException e) {
logger.error("Sending mail to {} failed:\n{}", toAddresses, e.getMessage());
logger.error("Sending mail failed:\n{}", e.getMessage());
}
}
}

0 comments on commit e6803dc

Please sign in to comment.