Commit 48dddc2
authored
fix(trace): handle all header flag formats and missing secret headers in redaction (#1009)
## Summary
- Handle `--user`/`-u` flags (redact next argument)
- Handle `--header=value` concatenated form
- Handle `-Hvalue` concatenated form
- Add missing secret headers: `cookie`, `proxy-authorization`,
`set-cookie`, `x-csrf-token`
## What & Why
`redact_argv` only handled `-H`/`--header` as standalone flags.
Credentials passed via `--user admin:pass`, `-HAuthorization: Bearer
token`, or `--header=Authorization: Bearer token` were not redacted,
leaking to trace output.
## Tests Added
- `test_redact_user_flag` / `test_redact_short_user_flag`
- `test_redact_header_equals_form`
- `test_redact_concatenated_h_flag`
- `test_redact_cookie_header`
- `test_redact_proxy_authorization`
Closes #10021 parent 49f64af commit 48dddc2
2 files changed
+120
-9
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
224 | 224 | | |
225 | 225 | | |
226 | 226 | | |
227 | | - | |
| 227 | + | |
| 228 | + | |
| 229 | + | |
| 230 | + | |
| 231 | + | |
| 232 | + | |
| 233 | + | |
| 234 | + | |
| 235 | + | |
228 | 236 | | |
229 | 237 | | |
230 | 238 | | |
| |||
239 | 247 | | |
240 | 248 | | |
241 | 249 | | |
| 250 | + | |
242 | 251 | | |
243 | 252 | | |
244 | 253 | | |
| |||
252 | 261 | | |
253 | 262 | | |
254 | 263 | | |
255 | | - | |
256 | | - | |
| 264 | + | |
| 265 | + | |
257 | 266 | | |
258 | 267 | | |
259 | 268 | | |
260 | 269 | | |
261 | 270 | | |
262 | | - | |
| 271 | + | |
| 272 | + | |
| 273 | + | |
| 274 | + | |
| 275 | + | |
| 276 | + | |
| 277 | + | |
| 278 | + | |
| 279 | + | |
| 280 | + | |
| 281 | + | |
| 282 | + | |
| 283 | + | |
| 284 | + | |
| 285 | + | |
| 286 | + | |
| 287 | + | |
| 288 | + | |
| 289 | + | |
| 290 | + | |
| 291 | + | |
| 292 | + | |
| 293 | + | |
| 294 | + | |
| 295 | + | |
| 296 | + | |
| 297 | + | |
| 298 | + | |
| 299 | + | |
| 300 | + | |
| 301 | + | |
| 302 | + | |
| 303 | + | |
| 304 | + | |
| 305 | + | |
| 306 | + | |
| 307 | + | |
| 308 | + | |
| 309 | + | |
263 | 310 | | |
264 | 311 | | |
265 | 312 | | |
| |||
409 | 456 | | |
410 | 457 | | |
411 | 458 | | |
| 459 | + | |
| 460 | + | |
| 461 | + | |
| 462 | + | |
| 463 | + | |
| 464 | + | |
| 465 | + | |
| 466 | + | |
| 467 | + | |
| 468 | + | |
| 469 | + | |
| 470 | + | |
| 471 | + | |
| 472 | + | |
| 473 | + | |
| 474 | + | |
| 475 | + | |
| 476 | + | |
| 477 | + | |
| 478 | + | |
| 479 | + | |
| 480 | + | |
| 481 | + | |
| 482 | + | |
| 483 | + | |
| 484 | + | |
| 485 | + | |
| 486 | + | |
| 487 | + | |
| 488 | + | |
| 489 | + | |
| 490 | + | |
| 491 | + | |
| 492 | + | |
| 493 | + | |
| 494 | + | |
| 495 | + | |
| 496 | + | |
| 497 | + | |
| 498 | + | |
| 499 | + | |
| 500 | + | |
| 501 | + | |
| 502 | + | |
| 503 | + | |
| 504 | + | |
| 505 | + | |
| 506 | + | |
| 507 | + | |
| 508 | + | |
| 509 | + | |
| 510 | + | |
| 511 | + | |
| 512 | + | |
| 513 | + | |
| 514 | + | |
| 515 | + | |
| 516 | + | |
| 517 | + | |
| 518 | + | |
| 519 | + | |
| 520 | + | |
| 521 | + | |
| 522 | + | |
412 | 523 | | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
991 | 991 | | |
992 | 992 | | |
993 | 993 | | |
994 | | - | |
| 994 | + | |
995 | 995 | | |
996 | 996 | | |
997 | 997 | | |
998 | 998 | | |
999 | 999 | | |
1000 | 1000 | | |
1001 | 1001 | | |
1002 | | - | |
| 1002 | + | |
1003 | 1003 | | |
1004 | 1004 | | |
1005 | 1005 | | |
1006 | | - | |
| 1006 | + | |
1007 | 1007 | | |
1008 | 1008 | | |
1009 | 1009 | | |
1010 | | - | |
| 1010 | + | |
1011 | 1011 | | |
1012 | 1012 | | |
1013 | 1013 | | |
1014 | | - | |
| 1014 | + | |
1015 | 1015 | | |
1016 | 1016 | | |
1017 | 1017 | | |
| |||
0 commit comments