fix(e2core): Remove logging of sensitive data about a request #424
Conversation
There was a problem hiding this comment.
Looks like we still potentially log the unredacted msg.Data() if JSON unmarshalling fails.
But more broadly... this seems kind of blunt. I assume we still want to log the request, but just omit the Authorization header and the message body.
(I'm also not sure why we're calling fmt.Println() instead of using a method on the ll struct.)
|
If unmarshaling from json fails, it's probably because whatever is in I think that fmt.Println was a remnant of a debug session I was doing and I forgot to take it out. With this changeset it is no longer there. |
|
I'm still a bit torn (at least we should elide the authorization header), but this PR is strictly better than the status quo, so let's roll with it |
No issue
Found the place where the logging of the entire request happened which included tokens and request body and removed it.