Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New redact behavior in 0.5, :redact_auth deprecation #378

Open
rhcarvalho opened this issue Jun 25, 2024 · 1 comment
Open

New redact behavior in 0.5, :redact_auth deprecation #378

rhcarvalho opened this issue Jun 25, 2024 · 1 comment

Comments

@rhcarvalho
Copy link

When upgrading Req (https://diff.hex.pm/diff/req/0.4.14..0.5.1), I noticed v0.5.0 changed how the authorization header is redacted, from [redacted] to foo*****, giving out both the first 3 characters and the length of the original value.

Is there a suggested way to bring back the old behavior on "user land"? I have no use for the new behavior and would rather avoid accidentally exposing secrets.

Thanks!
@wojtekmach
Copy link
Owner

There is no way to bring back the old behaviour at the moment. I'll consider reverting or making this configurable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wojtekmach @rhcarvalho