Logs should not contain PII

Fixed in

EPiServer.CMS.Core 11.4.0

Created

Feb 06, 2018

Updated

Jun 05, 2018

Area

CMS Core

State

Closed, Fixed and tested


Description

Explicit log messages from CMS Core no longer contain Personally Identifiable Information (PII), like user name or IP addresses.

Examples of messages that should not container username. These have been found:
2018-02-06 13:28:14,723 [31] DEBUG EPiServer.DataAccess.Internal.ContentSaveDB: Saving content 5_5 (Action='641' User='admin')
2018-02-06 13:28:14,903 [31] DEBUG EPiServer.DataAccess.Internal.ContentSaveDB: Saved content 5_198 (Action='641' User='admin')
2018-02-06 13:32:04,804 [44] INFO EPiServer.DataAccess.Internal.ContentAclDB: 9.1.1 Access settings for contentID: 9 have been saved (non-recursive) by user: admin