Credentials passed as as url parameters are visible in log output


**What did you do?**

I set DATA_SOURCE_NAME with connection string providing user name and password as url parameters.
This is the format of my connection DATA_SOURCE_NAME string:  
postgresql://<postgres dns>:<port>/<database>?user=<username>&password=<password>

I populated the user and password parameters with invalid credentials. Bad password, etc.
Then I ran postgres_exporter application and loaded my 0.0.0.0/metrics endpoint


**What did you expect to see?**
In my logging output, I expected to see "PASSWORD REMOVED" in message text. 

**What did you see instead? Under which circumstances?**
Instead the full password is logged.

I can work around this issue by changing my connection string to be formatted as
postgresql://<username>:<password>@<postgres dns>:<port>/<database>

but it seems like loggableDSN() function should handle this condition as well.




* System information:

	Darwin 21.4.0 arm64

* postgres_exporter version:

	version 0.10.1

* postgres_exporter flags:

        --web.listen-address=":8080"







Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!