root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Merge branch '2.0.x'

This commit is contained in:
Andy Wilkinson 2018-10-06 13:06:53 +01:00
parent 8259c6397e bbdd6cc9cb
commit 43c0d42dc2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
spring-boot-project/spring-boot-docs/src/main/asciidoc/howto.adoc
View File

@ -2494,11 +2494,11 @@ of how to register handlers in the servlet container.
=== Sanitize sensible values === Sanitize sensible values
Information returned by the `env` and `configprops` endpoints can be somewhat sensitive Information returned by the `env` and `configprops` endpoints can be somewhat sensitive
so keys matching a certain pattern are sanitized by default (i.e. their values are so keys matching a certain pattern are sanitized by default (i.e. their values are
replaced by `******`). replaced by `+******+`).
Spring Boot uses sensible defaults for such keys: for instance, any key ending with the Spring Boot uses sensible defaults for such keys: for instance, any key ending with the
word "password", "secret", "key" or "token" is sanitized. It is also possible to use a word "password", "secret", "key" or "token" is sanitized. It is also possible to use a
regular expression instead, such as `*credentials.*` to sanitize any key that holds the regular expression instead, such as `+*credentials.*+` to sanitize any key that holds the
word `credentials` as part of the key. word `credentials` as part of the key.
The patterns to use can be customized using the `management.endpoint.env.keys-to-sanitize` The patterns to use can be customized using the `management.endpoint.env.keys-to-sanitize`