You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For the remaining of the tracing output, it's possible to set a callback with OnRequestLog() than will filter out sensitive data like password or tokens from the log output. (See REDACTED output in the above example). This do not affect the generated curl output.
This generated Curl output is interesting but only in some usecases. Can we add a flag to disable that feature in the trace output ?
Or better, a flag to explicitly enable it (like EnableTraceWithCurl(), with a warning in the docs as this can leak secrets.
The text was updated successfully, but these errors were encountered:
The new curl log output introduced by #794 will leak secrets when tracing is enabled. See output example:
For the remaining of the tracing output, it's possible to set a callback with
OnRequestLog()
than will filter out sensitive data like password or tokens from the log output. (See REDACTED output in the above example). This do not affect the generated curl output.This generated Curl output is interesting but only in some usecases. Can we add a flag to disable that feature in the trace output ?
Or better, a flag to explicitly enable it (like
EnableTraceWithCurl()
, with a warning in the docs as this can leak secrets.The text was updated successfully, but these errors were encountered: