feat(configx): add HTTP header log redaction config #725
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR introduces a change that allows configuration of additional HTTP headers to be redacted in the logs to address a case where custom HTTP headers containing sensitive information (e.g. tokens) are logged on production environments when a deployment such as one for Ory Kratos triggers a webhook request with these headers
Some alternatives that were considered include:
fatal
to keep these kind of information out of the logs, which is not really a desirable log level as it would result in decreased observability of the deploymentsAuthorization
header, which would be ideal, but some 3rd party APIs do not accept a standardAuthorization
header and instead require non-standard HTTP headers such asX-Auth-Token
in which case it is simpler to have deployments accept such headers with redaction, rather than having some proxy rewrite the HTTP headersRelated Issue or Design Document
Checklist
If this pull request addresses a security vulnerability,
I confirm that I got approval (please contact security@ory.sh) from the maintainers to push the changes.
Further comments