Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redact HTTP headers on LoggingFeature #5014

Closed
nunomsantos opened this issue Mar 25, 2022 · 3 comments
Closed

Redact HTTP headers on LoggingFeature #5014

nunomsantos opened this issue Mar 25, 2022 · 3 comments
Milestone
2.36

Comments

@nunomsantos
Copy link
Contributor

nunomsantos commented Mar 25, 2022
edited
Loading

Hi all,

Currently, LoggingFeature logs all HTTP headers of requests and responses. This might write sensitive data to the logs, like the Authorization header.
I was thinking of adding a configurable denylist of HTTP headers where one could specify, e.g., a comma separated list of headers whose value should be redacted before logging the request or response. We could also have a reasonable default denylist - does anyone know of other standard headers with sensitive data?

Would you consider this behavior valuable? I'm available to open a PR with this change if agreed.
@nunomsantos nunomsantos changed the title Redact HTTP headers on LoggingFilter Redact HTTP headers on LoggingFeature Mar 25, 2022
@jansupol
Copy link
Contributor

It could be useful. Feel free to provide a PR. Thanks.

@nunomsantos nunomsantos mentioned this issue Apr 1, 2022
Merged
@nunomsantos
Copy link
Contributor Author

Hi, @senivam @jansupol. Can we close this issue?

@senivam
Copy link
Contributor

senivam commented May 16, 2022

I think yes, it was not linked to the PR to be closed automatically, so it was just forgotten. Thanks for reminding.

@senivam senivam closed this as completed May 16, 2022
@senivam senivam added this to the 2.36 milestone May 16, 2022
This was referenced Jun 14, 2022
Merged
Merged
Closed
Merged
Merged
Closed
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Open
Merged
Merged
Open
@ChristianHoesel ChristianHoesel mentioned this issue Jun 15, 2022
Merged
1 task
This was referenced Jun 18, 2022
Open
Open
Closed
@renovate renovate bot mentioned this issue Dec 22, 2022
Closed
1 task
This was referenced Jan 6, 2023
Merged
Closed
This was referenced Feb 11, 2023
Merged
Closed
@renovate renovate bot mentioned this issue Mar 23, 2023
Closed
1 task
@mend-for-github-com mend-for-github-com bot mentioned this issue Mar 26, 2023
Open
This was referenced May 11, 2023
Open
Open
This was referenced Jun 1, 2023
Merged
Closed
This was referenced Jun 4, 2023
Merged
Closed
This was referenced Jun 15, 2023
Merged
Merged
This was referenced Jun 26, 2023
Closed
Open
This was referenced Jul 6, 2023
Open
Open
This was referenced Aug 28, 2023
Merged
Merged
This was referenced Nov 30, 2023
Closed
Closed
Open
@mend-for-github-com mend-for-github-com bot mentioned this issue Jan 11, 2024
Open
@renovate renovate bot mentioned this issue Mar 1, 2024
Merged
1 task
@mend-for-github-com mend-for-github-com bot mentioned this issue Mar 24, 2024
Open
1 task
This was referenced Apr 13, 2024
Merged
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.36
Development

No branches or pull requests
3 participants
@nunomsantos @jansupol @senivam