nghttpx: Don't log authorization request header field value with -LINFO
This commit is contained in:
parent
ce962c3fdf
commit
be96654d56
|
@ -146,13 +146,22 @@ std::string colorizeHeaders(const char *hdrs) {
|
||||||
nhdrs += TTY_HTTP_HD;
|
nhdrs += TTY_HTTP_HD;
|
||||||
nhdrs.append(p, np);
|
nhdrs.append(p, np);
|
||||||
nhdrs += TTY_RST;
|
nhdrs += TTY_RST;
|
||||||
|
auto redact = util::strieq_l("authorization", StringRef{p, np});
|
||||||
p = np;
|
p = np;
|
||||||
np = strchr(p, '\n');
|
np = strchr(p, '\n');
|
||||||
if (!np) {
|
if (!np) {
|
||||||
nhdrs.append(p);
|
if (redact) {
|
||||||
|
nhdrs.append(": <redacted>");
|
||||||
|
} else {
|
||||||
|
nhdrs.append(p);
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
nhdrs.append(p, np + 1);
|
if (redact) {
|
||||||
|
nhdrs.append(": <redacted>\n");
|
||||||
|
} else {
|
||||||
|
nhdrs.append(p, np + 1);
|
||||||
|
}
|
||||||
p = np + 1;
|
p = np + 1;
|
||||||
}
|
}
|
||||||
return nhdrs;
|
return nhdrs;
|
||||||
|
|
|
@ -463,6 +463,11 @@ int Http2DownstreamConnection::push_request_headers() {
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
std::stringstream ss;
|
std::stringstream ss;
|
||||||
for (auto &nv : nva) {
|
for (auto &nv : nva) {
|
||||||
|
if (util::streq_l("authorization", nv.name, nv.namelen)) {
|
||||||
|
ss << TTY_HTTP_HD << StringRef{nv.name, nv.namelen} << TTY_RST
|
||||||
|
<< ": <redacted>\n";
|
||||||
|
continue;
|
||||||
|
}
|
||||||
ss << TTY_HTTP_HD << StringRef{nv.name, nv.namelen} << TTY_RST << ": "
|
ss << TTY_HTTP_HD << StringRef{nv.name, nv.namelen} << TTY_RST << ": "
|
||||||
<< StringRef{nv.value, nv.valuelen} << "\n";
|
<< StringRef{nv.value, nv.valuelen} << "\n";
|
||||||
}
|
}
|
||||||
|
|
|
@ -321,6 +321,10 @@ int Http2Upstream::on_request_headers(Downstream *downstream,
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
std::stringstream ss;
|
std::stringstream ss;
|
||||||
for (auto &nv : nva) {
|
for (auto &nv : nva) {
|
||||||
|
if (nv.name == "authorization") {
|
||||||
|
ss << TTY_HTTP_HD << nv.name << TTY_RST << ": <redacted>\n";
|
||||||
|
continue;
|
||||||
|
}
|
||||||
ss << TTY_HTTP_HD << nv.name << TTY_RST << ": " << nv.value << "\n";
|
ss << TTY_HTTP_HD << nv.name << TTY_RST << ": " << nv.value << "\n";
|
||||||
}
|
}
|
||||||
ULOG(INFO, this) << "HTTP request headers. stream_id="
|
ULOG(INFO, this) << "HTTP request headers. stream_id="
|
||||||
|
|
|
@ -318,6 +318,10 @@ int htp_hdrs_completecb(http_parser *htp) {
|
||||||
<< "HTTP/" << req.http_major << "." << req.http_minor << "\n";
|
<< "HTTP/" << req.http_major << "." << req.http_minor << "\n";
|
||||||
|
|
||||||
for (const auto &kv : req.fs.headers()) {
|
for (const auto &kv : req.fs.headers()) {
|
||||||
|
if (kv.name == "authorization") {
|
||||||
|
ss << TTY_HTTP_HD << kv.name << TTY_RST << ": <redacted>\n";
|
||||||
|
continue;
|
||||||
|
}
|
||||||
ss << TTY_HTTP_HD << kv.name << TTY_RST << ": " << kv.value << "\n";
|
ss << TTY_HTTP_HD << kv.name << TTY_RST << ": " << kv.value << "\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue