Merge "Fix Sensitive Header Censorship in Log"

This commit is contained in:
Zuul 2020-09-25 22:27:58 +00:00 committed by Gerrit Code Review
commit 05a04650a5
2 changed files with 6 additions and 2 deletions

View File

@ -765,9 +765,13 @@ class ClusteredAPI(object):
kwargs['headers'] = kwargs.get('headers', {})
kwargs['headers'].update(conn.default_headers)
if not self._silent:
# To censor sensitive headers before logging
kwargs_copy = copy.copy(kwargs)
kwargs_copy['headers'] = utils.censor_headers(
kwargs_copy['headers'])
LOG.debug("API cluster proxy %s %s to %s with %s. "
"Waited conn: %2.4f, rate: %2.4f",
proxy_for.upper(), uri, url, kwargs,
proxy_for.upper(), uri, url, kwargs_copy,
conn_data.conn_wait, conn_data.rate_wait)
# call the actual connection method to do the

View File

@ -64,7 +64,7 @@ def set_inject_headers_callback(callback):
def censor_headers(headers):
censored_headers = ['authorization', 'X-XSRF-TOKEN', 'Cookie']
censored_headers = ['authorization', 'x-xsrf-token', 'cookie']
result = {}
for name, value in headers.items():
if name.lower() in censored_headers: