Information returned by the env and configprops endpoints can be somewhat sensitive so keys
matching a certain pattern are sanitized by default (i.e. their values are replaced by ******).
The patterns to use can be customized using the management.endpoint.env.keys-to-sanitize and
management.endpoint.configprops.keys-to-sanitize respectively.
Spring Boot uses sensible defaults for such keys: any key ending with the word “password”, “secret”,
“key”, “token”, “vcap_services”, “sun.java.command”, “uri”, “uris”, “address” or “addresses” is
sanitized. Additionally, any key that holds the word credentials as part of the key is sanitized
(configured as a regular expression, i.e. .credentials.).
If any of the keys to sanitize are URI format (i.e. 😕/:@:/),
only the password part is sanitized.
Actuator 过滤掉env,prop敏感信息
最新推荐文章于 2024-08-02 16:37:52 发布