efcore icon indicating copy to clipboard operation
efcore copied to clipboard

Published 20 hours ago verified publisher icon dotnet

Don't log inlined values in SQL unless sensitive data logging is enabled

Open ajcvickers opened this issue 4 years ago • 6 comments
trafficstars

See https://github.com/dotnet/efcore/issues/13617#issuecomment-805049723

When EF inline a value, then we will stop logging the SQL unless sensitive data logging is enabled. We will instead log a message indicating that sensitive data logging must be enabled to see the SQL.

ajcvickers avatar Mar 29 '21 17:03 ajcvickers

We will add a flag for do not log in RelationalParameterBasedSqlProcessor.

smitpatel avatar Apr 14 '21 17:04 smitpatel

@AndriySvyryd Look at how to pipe through the flag to RelationalCommand

AndriySvyryd avatar Jun 18 '21 17:06 AndriySvyryd

The flag will be stored in SelectExpression and then passed to IRelationalCommandBuilder

AndriySvyryd avatar Jul 23 '21 23:07 AndriySvyryd

Umm, I can get flat upto relational command builder from query. The issue is that logging is done by Execute method. How does value flow there?

smitpatel avatar Jul 24 '21 03:07 smitpatel

RelationalCommandBuilder would pass it to RelationalCommand as a new parameter in the constructor and then Execute* will pass it as a new parameter to the logging method.

AndriySvyryd avatar Jul 24 '21 03:07 AndriySvyryd

It should be relatively straightforward to have some flag in the query compilation context which says whether things are being inlined, turn it on at the point where inline will happen (i.e. when translating to InExpression/ValuesExpression with a ValuesParameter), and then refrain from logging when that flag is one (and EnableSensitiveDataLogging is off).

roji avatar Aug 28 '24 18:08 roji