Skip to content

Commit

Permalink
fix: credentials leakage in request headers
Browse files Browse the repository at this point in the history 
The headers request contains the authentication, and it gets
printed in the robot log report.
  • Loading branch information
@nestoracunablanco
nestoracunablanco authored and nestoracunablanco committed Oct 27, 2023
1 parent e4291b7 commit c9d31bc
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/RequestsLibrary/log.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,12 @@ def log_request(response):
else:
original_request = request
redirected = ''
headers_hidden_auth = original_request.headers.copy()
headers_hidden_auth["Authorization"] = "********"
logger.info("%s Request : " % original_request.method.upper() +
"url=%s %s\n " % (original_request.url, redirected) +
"path_url=%s \n " % original_request.path_url +
"headers=%s \n " % original_request.headers +
"headers=%s \n " % headers_hidden_auth +
"body=%s \n " % format_data_to_log_string(original_request.body))


Expand Down

0 comments on commit c9d31bc

Please sign in to comment.