diff options
| author | Yassen Damyanov <yd@itlabs.bg> | 2022-09-22 12:12:28 -0400 |
|---|---|---|
| committer | Mike Bayer <mike_mp@zzzcomputing.com> | 2022-09-23 17:27:30 -0400 |
| commit | 3333c6623fa45bcbc7fabd061184a79b7b7f2fa6 (patch) | |
| tree | 6c262c52683c544470d68a0ae40c5c0ed16b1722 /test/ext/asyncio/test_engine_py3k.py | |
| parent | d50bbd56740f86bb363b405f7d8e5df9667bb4e3 (diff) | |
| download | sqlalchemy-3333c6623fa45bcbc7fabd061184a79b7b7f2fa6.tar.gz | |
Tighten password security by removing `URL.__str__`
For improved security, the :class:`_url.URL` object will now use password
obfuscation by default when ``str(url)`` is called. To stringify a URL with
cleartext password, the :meth:`_url.URL.render_as_string` may be used,
passing the :paramref:`_url.URL.render_as_string.hide_password` parameter
as ``False``. Thanks to our contributors for this pull request.
Fixes: #8567
Closes: #8563
Pull-request: https://github.com/sqlalchemy/sqlalchemy/pull/8563
Pull-request-sha: d1f1127f753849eb70b8d6cc64badf34e1b9219b
Change-Id: If756c8073ff99ac83876d9833c8fe1d7c76211f9
Diffstat (limited to 'test/ext/asyncio/test_engine_py3k.py')
| -rw-r--r-- | test/ext/asyncio/test_engine_py3k.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/test/ext/asyncio/test_engine_py3k.py b/test/ext/asyncio/test_engine_py3k.py index 0269aaaee..cdf70ca67 100644 --- a/test/ext/asyncio/test_engine_py3k.py +++ b/test/ext/asyncio/test_engine_py3k.py @@ -635,7 +635,9 @@ class AsyncEngineTest(EngineFixture): def test_async_engine_from_config(self): config = { - "sqlalchemy.url": str(testing.db.url), + "sqlalchemy.url": testing.db.url.render_as_string( + hide_password=False + ), "sqlalchemy.echo": "true", } engine = async_engine_from_config(config) |