fix: dont leak authorization and cookie header in reports

This commit is contained in:
ThetaDev 2024-12-26 01:14:38 +01:00
parent 967743e925
commit 2e21ad2514

View file

@ -1944,8 +1944,14 @@ impl RustyPipeQuery {
request
.headers()
.iter()
.filter(|(k, _)| k != &header::COOKIE)
.map(|(k, v)| {
(k.as_str(), v.to_str().unwrap_or_default().to_owned())
let vstr = if k == header::AUTHORIZATION {
"[redacted]"
} else {
v.to_str().unwrap_or_default()
};
(k.as_str(), vstr.to_owned())
})
.collect(),
),