Allow scrubbing of http trace request headers (e.g. authorization)
mxab opened this issue · 3 comments
Hi,
I noticed that the http traces contain all headers. I think this is problematic as they may contain sensitive data like authorization headers.
Would be great if we could provide some kind of regex similar to the environment var scrubbing that redacts some data.
This is a great idea.
Pyctuator already scrubs secrets from environment variables and configuration. It's a best-effort based on the name of the variable.
I think it should be easy to use the same scrubber for headers as well. I'm thinking about starting with scrubbing anything with "authorization" or "authentication".
Are there other interesting headers you had in mind?
Thanks,
Michael
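A sketch of the name-based header scrubbing discussed above, added here as an illustration and not Pyctuator's own code. `scrub_headers`, `MASK`, `WIDER_PATTERN` and the sample headers are assumptions made up for this example.

```python
import re

# Name fragments suggested in the thread; matching is on the header NAME only.
DEFAULT_PATTERN = re.compile(r"authorization|authentication", re.IGNORECASE)
# Hypothetical wider pattern an operator might configure instead.
WIDER_PATTERN = re.compile(
    r"authorization|authentication|cookie|api[-_]?key|token", re.IGNORECASE
)
MASK = "******"

# Constructed sample of headers as a trace record might hold them.
SAMPLE_HEADERS = {
    "Authorization": "Bearer constructed-token",
    "proxy-authorization": ["Basic Y29uc3RydWN0ZWQ=", "Basic c2Vjb25k"],
    "Cookie": "session=constructed",
    "X-Api-Key": "constructed-key",
    "Accept": "*/*",
}


def scrub_headers(headers, pattern=DEFAULT_PATTERN):
    """Return a new dict with every value masked for headers whose name matches.

    Values are normalised to lists because a header can repeat in a request.
    The input mapping is not modified.
    """
    scrubbed = {}
    for name, values in headers.items():
        as_list = [values] if isinstance(values, str) else list(values)
        if pattern.search(name):
            # Keep the count of values so the trace still shows repetition.
            as_list = [MASK] * len(as_list)
        scrubbed[name] = as_list
    return scrubbed


if __name__ == "__main__":
    for label, pat in (("default", DEFAULT_PATTERN), ("wider", WIDER_PATTERN)):
        print(label)
        for name, values in scrub_headers(SAMPLE_HEADERS, pat).items():
            print(f"  {name}: {values}")
```

With the default pattern, `Cookie` and `X-Api-Key` pass through unmasked, which shows why name-based scrubbing is best-effort and why a configurable pattern is useful.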
@michaelyaakoby I started on that, see the PR. Let me know if there would be a better way.
Thanks @mxab, merged.