Fix code scanning alert - Clear-text logging of sensitive information #2124

2025-01-02 22:54:49 +03:00 · 2022-09-09 20:29:01 +02:00 · 2022-09-09 20:29:01 +02:00 · d8a00d73a2
commit d8a00d73a2
parent 66870050c1
2 changed files with 6 additions and 2 deletions
--- a/conf/glances.conf
+++ b/conf/glances.conf
@ -574,9 +574,11 @@ host=localhost
 port=5984
 db=glances
 # user and password are optional (comment if not configured on the server side)
+# If they are used, then the https protocol will be used
 #user=root
 #password=root

+
 [kafka]
 # Configuration for the --export kafka option
 # http://kafka.apache.org/
--- a/glances/exports/glances_couchdb.py
+++ b/glances/exports/glances_couchdb.py
@ -50,7 +50,9 @@ class Export(GlancesExport):
        if self.user is None:
            server_uri = 'http://{}:{}/'.format(self.host, self.port)
        else:
-            server_uri = 'http://{}:{}@{}:{}/'.format(self.user, self.password, self.host, self.port)
+            # Force https if a login/password is provided
+            # Related to https://github.com/nicolargo/glances/issues/2124
+            server_uri = 'https://{}:{}@{}:{}/'.format(self.user, self.password, self.host, self.port)

        try:
            s = couchdb.Server(server_uri)
@ -58,7 +60,7 @@ class Export(GlancesExport):
            logger.critical("Cannot connect to CouchDB server %s (%s)" % (server_uri, e))
            sys.exit(2)
        else:
-            logger.info("Connected to the CouchDB server %s" % server_uri)
+            logger.info("Connected to the CouchDB server")

        try:
            s[self.db]