fix(e2core): Remove logging of sensitive data about a request

suborbital / e2core

Server for sandboxed third-party plugins, powered by WebAssembly

https://suborbital.dev

Apache License 2.0

722 stars 41 forks source link

fix(e2core): Remove logging of sensitive data about a request #424

Closed javorszky closed 1 year ago

javorszky commented 1 year ago

No issue

Found the place where the logging of the entire request happened which included tokens and request body and removed it.

javorszky commented 1 year ago

If unmarshaling from json fails, it's probably because whatever is in msg.Data is not a json, and it would be super useful to know what was in there that caused the json unmarshaler to fail.

I think that fmt.Println was a remnant of a debug session I was doing and I forgot to take it out. With this changeset it is no longer there.

callahad commented 1 year ago

I'm still a bit torn (at least we should elide the authorization header), but this PR is strictly better than the status quo, so let's roll with it