You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
visit the store, and produce a log message that is associated to a customer. (i.e. with the following http status codes: 400, 404, 500)
visit the logs in the backend, open the details page of the produced log message
You will see the email of the customer with a link to the customer detail page and additionally the IP address of the customer.
Based on the GDPR this is not allowed, as with this log file the displayed IP address can be directly associated with the customer.
Proposed solution:
If customersettings.storeipaddresses is disabled, IP addresses in the logs should not be stored for registered customers (or even any customers).
@Manuel-Innovapps You've written "1. Enable setting customersettings.storeipaddresses". But in this case IP addresses will be store in the [Customer] table as well. Did you mean "1. Disable setting customersettings.storeipaddresses"? So when disabled, then IP address should not be stored in [Customer] and [Log] tables?
nopCommerce version: 4.60.x +
Steps to reproduce the problem:
customersettings.storeipaddresses
Based on the GDPR this is not allowed, as with this log file the displayed IP address can be directly associated with the customer.
Proposed solution:
If
customersettings.storeipaddresses
is disabled, IP addresses in the logs should not be stored for registered customers (or even any customers).nopCommerce/src/Libraries/Nop.Services/Logging/DefaultLogger.cs
Lines 191 to 201 in 8ad98f3
The text was updated successfully, but these errors were encountered: