Rectify incorrect sanitizing regex example provided in how-to docs

Closes gh-29951
pull/30000/head
Madhura Bhave 3 years ago
parent 1e8d29f7aa
commit a70fa80571

@ -37,7 +37,7 @@ See also the section on "`<<features#features.developing-web-applications.spring
[[howto.actuator.sanitize-sensitive-values]] [[howto.actuator.sanitize-sensitive-values]]
=== Sanitize Sensitive Values === Sanitize Sensitive Values
Information returned by the `env` and `configprops` endpoints can be somewhat sensitive so keys matching certain patterns are sanitized by default (i.e. their values are replaced by `+******+`). Spring Boot uses sensible defaults for such keys: any key ending with the word "password", "secret", "key", "token", "vcap_services", "sun.java.command" is entirely sanitized. Information returned by the `env` and `configprops` endpoints can be somewhat sensitive so keys matching certain patterns are sanitized by default (i.e. their values are replaced by `+******+`). Spring Boot uses sensible defaults for such keys: any key ending with the word "password", "secret", "key", "token", "vcap_services", "sun.java.command" is entirely sanitized.
Additionally, any key that holds the word `credentials` (configured as a regular expression, i.e. `+*credentials.*+`) as part of the key is also entirely sanitized. Additionally, any key that holds the word `credentials` (configured as a regular expression, i.e. `+.*credentials.*+`) as part of the key is also entirely sanitized.
Furthermore, Spring Boot sanitizes the sensitive portion of URI-like values for keys with one of the following endings: Furthermore, Spring Boot sanitizes the sensitive portion of URI-like values for keys with one of the following endings:

Loading…
Cancel
Save