blackteay/gin
3
0
Fork 0
mirror of https://github.com/gin-gonic/gin.git synced 2025-04-06 03:57:46 +08:00
Code Issues Projects Releases Wiki Activity

refactor(recovery): extract Authorization header masking into maskAuthorization func

Browse Source
This commit is contained in:
OHZEKI Naoki 2025-01-19 18:05:28 +09:00
parent 3f818c3fa6
commit e33e0c795c
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
recovery.go
View File

@ -73,12 +73,7 @@ func CustomRecoveryWithWriter(out io.Writer, handle RecoveryFunc) HandlerFunc {
stack := stack(3) stack := stack(3)
httpRequest, _ := httputil.DumpRequest(c.Request, false) httpRequest, _ := httputil.DumpRequest(c.Request, false)
headers := strings.Split(string(httpRequest), "\r\n") headers := strings.Split(string(httpRequest), "\r\n")
for idx, header := range headers { maskAuthorization(&headers)
current := strings.Split(header, ":")
if current[0] == "Authorization" {
headers[idx] = current[0] + ": *"
}
}
headersToStr := strings.Join(headers, "\r\n") headersToStr := strings.Join(headers, "\r\n")
if brokenPipe { if brokenPipe {
logger.Printf("%s\n%s%s", err, headersToStr, reset) logger.Printf("%s\n%s%s", err, headersToStr, reset)
@ -134,6 +129,16 @@ func stack(skip int) []byte {
return buf.Bytes() return buf.Bytes()
} }
// maskAuthorization replaces any "Authorization: <token>" header with "Authorization: *", hiding sensitive credentials.
func maskAuthorization(headers *[]string) {
for idx, header := range *headers {
current := strings.Split(header, ":")
if current[0] == "Authorization" {
(*headers)[idx] = current[0] + ": *"
}
}
}
// source returns a space-trimmed slice of the n'th line. // source returns a space-trimmed slice of the n'th line.
func source(lines [][]byte, n int) []byte { func source(lines [][]byte, n int) []byte {
n-- // in stack trace, lines are 1-indexed but our array is 0-indexed n-- // in stack trace, lines are 1-indexed but our array is 0-indexed