IBM Support

PI55296: LOGGING SENSITIVE INFORMATION TO LOGCAT WHEN ANDROID DOES NOT HAVE A CONTEXT SET FOR LOGGER

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When a context is not set for Android SDK Logger server
    responses will be printed as debug the package
    android.Util.Log.  This may result in logging information that
    may be sensitive and not intended to be logged.
    

Local fix

  • Call WL.Logger.setLevel('FATAL') or your preferred logging
    level in wlCommonInit() function before UpdateConfigFromServer.
    
    or
    
    Make sure you set Logger.setContext(this); when starting your
    app from different activities.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * This affects Android Hybrid developers.                      *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * Inside the worklight.js there was a call to log network      *
    * payloads that was being logged at device level. This issue   *
    * occured when context was not set in a hybrid application.    *
    * The only time context is not set in a hybrid application is  *
    * when entering hybrid without calling                         *
    * WL.createInstance(this); in the onCreate method in the       *
    * native portion of the app.                                   *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * -                                                            *
    ****************************************************************
    

Problem conclusion

  • Removed the logging of the network payload. the Logger context
    in the Logger Cordova plugin is now always set . Developers
    should update Android client SDK from the ifix that includes
    this APAR.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI55296

  • Reported component name

    MFPF/WORKLIGHT

  • Reported component ID

    5725I4301

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-01-12

  • Closed date

    2016-02-03

  • Last modified date

    2016-02-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    MFPF/WORKLIGHT

  • Fixed component ID

    5725I4301

Applicable component levels

  • R600 PSY

       UP

  • R610 PSY

       UP

  • R620 PSY

       UP

  • R630 PSY

       UP

  • R700 PSY

       UP

  • R710 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSZH4A","label":"IBM Worklight"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"700","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
14 October 2021