Browse Source

Merge "Fix Sensitive Header Censorship in Log"

changes/95/754595/1
Zuul 2 years ago committed by Gerrit Code Review
parent
commit
05a04650a5
  1. 6
      vmware_nsxlib/v3/cluster.py
  2. 2
      vmware_nsxlib/v3/utils.py

6
vmware_nsxlib/v3/cluster.py

@ -765,9 +765,13 @@ class ClusteredAPI(object):
kwargs['headers'] = kwargs.get('headers', {})
kwargs['headers'].update(conn.default_headers)
if not self._silent:
# To censor sensitive headers before logging
kwargs_copy = copy.copy(kwargs)
kwargs_copy['headers'] = utils.censor_headers(
kwargs_copy['headers'])
LOG.debug("API cluster proxy %s %s to %s with %s. "
"Waited conn: %2.4f, rate: %2.4f",
proxy_for.upper(), uri, url, kwargs,
proxy_for.upper(), uri, url, kwargs_copy,
conn_data.conn_wait, conn_data.rate_wait)
# call the actual connection method to do the

2
vmware_nsxlib/v3/utils.py

@ -64,7 +64,7 @@ def set_inject_headers_callback(callback):
def censor_headers(headers):
censored_headers = ['authorization', 'X-XSRF-TOKEN', 'Cookie']
censored_headers = ['authorization', 'x-xsrf-token', 'cookie']
result = {}
for name, value in headers.items():
if name.lower() in censored_headers:

Loading…
Cancel
Save