https://bz.apache.org/bugzilla/show_bug.cgi?id=60178
--- Comment #8 from Mark Thomas <ma...@apache.org> --- Debug logs may contain security sensitive data and should be used and protected accordingly. I am -1 on any form of filtering of debug logs. The whole point of debug logging is to show you exactly what is going on. If Tomcat starts filtering debug logs it could well filter out the critical information required to solve an issue. If Tomcat was logging security sensitive information by default then there would be a stronger case for making a change. I'll note that in such a case, the change would likely be to log that information at debug level. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
