blackteay/gin
3
0
Fork 0
mirror of https://github.com/gin-gonic/gin.git synced 2025-04-06 03:57:46 +08:00
Code Issues Projects Releases Wiki Activity

Merge e33e0c795cc92946235425b8f3cff94d70a81a8c into 8763f33c65f7df8be5b9fe7504ab7fcf20abb41d

Browse Source
This commit is contained in:
OHZEKI Naoki 2025-03-23 04:01:35 +05:30 committed by GitHub
commit 5f624ec25c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
recovery.go
View File

@ -73,12 +73,7 @@ func CustomRecoveryWithWriter(out io.Writer, handle RecoveryFunc) HandlerFunc {
stack := stack(3)
httpRequest, _ := httputil.DumpRequest(c.Request, false)
headers := strings.Split(string(httpRequest), "\r\n")
for idx, header := range headers {
current := strings.Split(header, ":")
if current[0] == "Authorization" {
headers[idx] = current[0] + ": *"
}
}
maskAuthorization(&headers)
headersToStr := strings.Join(headers, "\r\n")
if brokenPipe {
logger.Printf("%s\n%s%s", err, headersToStr, reset)
@ -134,6 +129,16 @@ func stack(skip int) []byte {
return buf.Bytes()
}
// maskAuthorization replaces any "Authorization: <token>" header with "Authorization: *", hiding sensitive credentials.
func maskAuthorization(headers *[]string) {
for idx, header := range *headers {
current := strings.Split(header, ":")
if current[0] == "Authorization" {
(*headers)[idx] = current[0] + ": *"
}
}
}
// source returns a space-trimmed slice of the n'th line.
func source(lines [][]byte, n int) []byte {
n-- // in stack trace, lines are 1-indexed but our array is 0-indexed