Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

💡cloudflared tunnel - do not log sensitive headers #1372

Open
eherde opened this issue Dec 16, 2024 · 0 comments
Open

💡cloudflared tunnel - do not log sensitive headers #1372

eherde opened this issue Dec 16, 2024 · 0 comments
Labels
Priority: Normal Minor issue impacting one or more users Type: Feature Request A big idea that would be split into smaller pieces

Comments

@eherde
Copy link

eherde commented Dec 16, 2024

Describe the feature you'd like

When run with log level debug, cloudflared logs a line like the below, including all headers.

2024-12-16T15:04:35Z DBG GET <url> HTTP/1.1 connIndex=1 content-length=0 event=1 headers=<headers> host=<host> ingressRule=0 originService=http://<origin>:<port> path=<path>

The Authorization header is particularly sensitive and not one we want appearing in our logs. I'd like to be able to set logging to debug in production without concern for a potential security risk.
@eherde eherde added Priority: Normal Minor issue impacting one or more users Type: Feature Request A big idea that would be split into smaller pieces labels Dec 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Priority: Normal Minor issue impacting one or more users Type: Feature Request A big idea that would be split into smaller pieces
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eherde