Expand the list of default headers included in logs
Closed this issue · 0 comments
I think the list of headers that we include in logs is pretty minimal and we could be getting better debug information by default rather than requiring each app to configure them.
What problem does this feature solve?
We have slightly less information that we might need by default by only including the accept
and content-type
headers. We cannot expose all headers and we need to consider not exposing sensitive data in our logs.
Ideal solution
We should add some more default headers. A non-exhaustive list of suggestions:
accept-encoding
accept-language
referer
user-agent
Alternatives
-
We could do nothing, but that means we might end up having lots of apps repeating the same config
-
We could expose the expanded header list to avoid some of the duplication, e.g. allowing users to access an
expandedHeaders
property which they can pass into theincludeHeaders
option if they want to