Open
Description
From [email protected] on January 24, 2010 20:11:56
That code was designed to not disclose all configuration variables. It
would filter out any parameter with "Master" in the name, so the MasterSalt
has never (?) been printed during the parsing of the configuration.
That being said, I don't think that was a great solution either. I would
love to see a boolean configuration variable indicating whether or not to
dump the configuration to the console AND a globbing configuration variable
indicating what to never print. Something like....
General.PrintConfiguration = true
General.NeverPrint = "Master_, General_"
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=96