The Sanitizer.java class infers that the scheme portion of a URI can only contain letters, but as described in RFC2396 it can follow:
scheme = alpha *( alpha | digit | "+" | "-" | "." )
We have a use case where a valid URI with the scheme mongodb+sr, won't get the password token sanitized due to the current regex pattern.
Comment From: pivotal-cla
@billyto Please sign the Contributor License Agreement!
Click here to manually synchronize the status of this Pull Request.
See the FAQ for frequently asked questions.
Comment From: pivotal-cla
@billyto Thank you for signing the Contributor License Agreement!
Comment From: wilkinsona
Thanks very much for making your first contribution to Spring Boot, @billyto.