Disable dumping of headers on trace

Some headers (e.g.: Authorization) contains sensitive information which should not be logged.
RedisLabs · Dec 22, 2024 · 019d209 · 019d209
1 parent cbda1d1
commit 019d209
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/bazel/repository_locations.bzl b/bazel/repository_locations.bzl
@@ -920,7 +920,7 @@ REPOSITORY_LOCATIONS_SPEC = dict(
         # Static snapshot of https://quiche.googlesource.com/googleurl/+archive/9cdb1f4d1a365ebdbcbf179dadf7f8aa5ee802e7.tar.gz.
         version = "9cdb1f4d1a365ebdbcbf179dadf7f8aa5ee802e7",
         sha256 = "a1bc96169d34dcc1406ffb750deef3bc8718bd1f9069a2878838e1bd905de989",
-        urls = ["https://storage.googleapis.com/quiche-envoy-integration/googleurl_{version}.tar.gz"],
+        urls = ["https://storage.googleapis.com/quiche-envoy-integration/googleurl-{version}.tar.gz"],
         use_category = ["controlplane", "dataplane_core"],
         extensions = [],
         release_date = "2022-04-04",

diff --git a/source/common/http/filter_manager.h b/source/common/http/filter_manager.h
@@ -679,7 +679,8 @@ class FilterManager : public ScopeTrackedObject,
     const char* spaces = spacesForLevel(indent_level);
     os << spaces << "FilterManager " << this << DUMP_MEMBER(state_.has_1xx_headers_) << "\n";
 
-    DUMP_DETAILS(filter_manager_callbacks_.requestHeaders());
+    // Disabled to avoid dumping sensitive information (such as AUTHORIZATION header)
+    // DUMP_DETAILS(filter_manager_callbacks_.requestHeaders());
     DUMP_DETAILS(filter_manager_callbacks_.requestTrailers());
     DUMP_DETAILS(filter_manager_callbacks_.responseHeaders());
     DUMP_DETAILS(filter_manager_callbacks_.responseTrailers());