Proxy Password Plaintext

Hi,

I saw that the unrecognizable Proxy Password in the Katalon Preferences is written in plain text in the console with every testrun. In my case it’s my Single Sign On company account password.

  • proxyInformation = ProxyInformation{proxyOption=MANUAL_CONFIG, proxyServerType=HTTPS, password=!!!, proxyServerAddress=192.168.1xx.xxx, proxyServerPort=xxxx}

It’s also written in the JUnit_Report.xml. Which is synced in the collaborative git to other working members.

Regards

3 Likes

Could be nice feature to obfuscate any value of variable in logs if name starts with password or pwd or passw

2 Likes

This is also a problem with our company security rules!
Please KATALON-Team fix this security issue!
The text in the log is from the toString() method in the com/kms/katalon/core/network/ProxyInformation.java

1 Like

Hi everyone, I opened an issue on Github for ease of tracking. Thanks for reporting.

The plain-text-passwort is also visible in the TestSuite-Report:
tab “Execution Settings” row “proxy”
tab “Execution Environment” row “proxyInformation”.

Thank you ThanTo for this quick reply :smiley:

Hi everyone

This bug has been fixed in version 7.4.2 which is available for download here.

Jass