Support defining additional keys to sanitize for actuator endpoints #25384
Comments
spring-projects-issues
added
the
status: waiting-for-triage
|
@nathankooij Out of interest, what are the keys that you've added? Separate to allowing additional keys to be specified, it might be worth us changing the defaults too if they sound common. |
wilkinsona
added
the
status: waiting-for-feedback
@wilkinsona we added |
spring-projects-issues
added
status: feedback-provided
|
Thanks. I think it makes sense to sanitise |
philwebb
added
type: enhancement
After adopting the Spring Boot Admin (SBA) some colleagues astutely observed that we were "leaking" some secrets as SBA provides convenient access to the
configpropsandenvactuator endpoints. Fortunately we can change the keys which values would get sanitized with the following two properties:management.endpoint.configprops.keys-to-sanitizeandmanagement.endpoint.env.keys-to-sanitize. However, setting these overwrites all defaults which we would like to keep (since they make a lot of sense). Our current solution is to copy all defaults and then add our own (we do this in a central place that is applied to all our applications). Consequently, we now need to make ensure that this list is kept up-to-date while also limiting configurability of our internal downstream applications. Ideally, we could keep the default configuration but add to it.So if possible I would like to suggest a
additional-keys-to-sanitizeproperty to be introduced which would allow one to set additional keys to sanitize while keeping the defaults.Additionally, it would be great if the
Sanitizercould also apply the same special handling tourlkeys that it does for the keys ofSanitizer#URI_USERINFO_KEYS, as these also can contain sensitive credentials, such that we do not have to filter the entire value.We observed this behavior on Spring Boot 2.3.8, but looking at the code of 2.4.x this behavior is still there.
The text was updated successfully, but these errors were encountered: