Remove auth token from http logging
This redacts the X-Auth-Token header value from the logs by replacing it with '***'. Change-Id: I6b80cc94d42a44f9db801de78fa23218e6eca0ee
This commit is contained in:
parent
8f89a14c9f
commit
6149e1db31
|
@ -120,6 +120,8 @@ class HTTPClient(object):
|
|||
curl = ['curl -i -X %s' % method]
|
||||
|
||||
for (key, value) in kwargs['headers'].items():
|
||||
if key.lower() == 'x-auth-token':
|
||||
value = '*' * 3
|
||||
header = '-H \'%s: %s\'' % (key, value)
|
||||
curl.append(header)
|
||||
|
||||
|
@ -146,7 +148,10 @@ class HTTPClient(object):
|
|||
def log_http_response(resp, body=None):
|
||||
status = (resp.version / 10.0, resp.status, resp.reason)
|
||||
dump = ['\nHTTP/%.1f %s %s' % status]
|
||||
dump.extend(['%s: %s' % (k, v) for k, v in resp.getheaders()])
|
||||
headers = resp.getheaders()
|
||||
if 'X-Auth-Token' in headers:
|
||||
headers['X-Auth-Token'] = '*' * 3
|
||||
dump.extend(['%s: %s' % (k, v) for k, v in headers])
|
||||
dump.append('')
|
||||
if body:
|
||||
dump.extend([body, ''])
|
||||
|
|
Loading…
Reference in New Issue