-
The best way to prevent sensitive data from being printed to the logs is to avoid printing the value of *any* parameter. For instance, a password parameter may have an unusual name, or it may be passed through a general-purpose function like "strlen()". Since parameter values are useful for debugging, we can still print them when not in production mode (although with known password params still scrubbed out). Note this patch both scrubs likely password params, and hides their scrubbed value. That's mostly because I'm lazy, but it also obscures the password's actual length. Change-Id: I4a1ab4c89a169c6b29a7b63384c2412cee761ab7 behatnotneeded: Can't test with behat
9a297249