287bb77abc
The URL password redaction operation did not handle the case where the database connection URL was provided as a percent-encoded string, and its password component contained reserved characters. It attempted to redact the password by replacing the unescaped password in the percent-encoded URL. This resulted in the password being revealed when reading the configuration from Vault.
4 lines
108 B
Plaintext
4 lines
108 B
Plaintext
```release-note:bug
|
|
secrets/database: Ensure that a `connection_url` password is redacted in all cases.
|
|
```
|