Redact sensitive information in redirected URLs #1408
Merged
Commits on Jul 18, 2022
-
Redact sensitive information in redirected URLs
This adds internal methods to redact potentially sensitive information from URLs in error messages, especially when those URLs are the result of server-side redirects. We already redact potentially sensitive information like this as part of transport.CheckError, but this isn't called when the error is the result of an http.Client.Do (e.g., tcp dial error). The specific use case where this can happen is a registry like GCR which redirects blob requests to GCS with a sensitive access_token in the query parameter. If the request to GCS fails due to tcp error, the error message will include the sensitive access token. This method of redaction relies on the original error being a *url.Error, and redaction is accomplished by simply updating the error's URL with a redacted equivalent.
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.