octoleo/restic
2
2
Fork 0
mirror of https://github.com/octoleo/restic.git synced 2024-11-22 12:55:18 +00:00
Code Issues Releases Wiki Activity

redact http authorization header in debug log output

Browse Source
This commit is contained in:
Michael Eischer 2021-08-04 22:19:44 +02:00
parent 0c0e7b6957
commit 0936d864a4
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
internal/debug/round_tripper_debug.go
View File

@ -76,6 +76,12 @@ func RoundTripper(upstream http.RoundTripper) http.RoundTripper {
}
func (tr loggingRoundTripper) RoundTrip(req *http.Request) (res *http.Response, err error) {
// save original auth and redact it
origAuth, hasAuth := req.Header["Authorization"]
if hasAuth {
req.Header["Authorization"] = []string{"**redacted**"}
}
trace, err := httputil.DumpRequestOut(req, false)
if err != nil {
Log("DumpRequestOut() error: %v\n", err)
@ -83,6 +89,11 @@ func (tr loggingRoundTripper) RoundTrip(req *http.Request) (res *http.Response,
Log("------------ HTTP REQUEST -----------\n%s", trace)
}
// restore auth
if hasAuth {
req.Header["Authorization"] = origAuth
}
res, err = tr.RoundTripper.RoundTrip(req)
if err != nil {
Log("RoundTrip() returned error: %v", err)