Skip to content

Commit

Permalink
fix: credentials leakage in request headers
Browse files Browse the repository at this point in the history 
The headers request contains the authentication, and it gets
printed in the robot log report.
  • Loading branch information
@nestoracunablanco
nestoracunablanco authored and nestoracunablanco committed Nov 2, 2023
1 parent e4291b7 commit ca2dd6a
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/RequestsLibrary/log.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,12 @@ def log_request(response):
else:
original_request = request
redirected = ''
headers_hidden_auth = original_request.headers.copy()
headers_hidden_auth["Authorization"] = "********"
logger.info("%s Request : " % original_request.method.upper() +
"url=%s %s\n " % (original_request.url, redirected) +
"path_url=%s \n " % original_request.path_url +
"headers=%s \n " % original_request.headers +
"headers=%s \n " % headers_hidden_auth +
"body=%s \n " % format_data_to_log_string(original_request.body))


Expand Down

0 comments on commit ca2dd6a

Please sign in to comment.