Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Play!: Expose application filter to exclude fields in trace #61

Open
drpacman opened this issue Jul 6, 2015 · 0 comments
Open

Play!: Expose application filter to exclude fields in trace #61

drpacman opened this issue Jul 6, 2015 · 0 comments

Comments

@drpacman
Copy link
Contributor

drpacman commented Jul 6, 2015

At present all query parameters and headers are added to the trace. This introduces a security risk if some of those fields contain sensitive information e.g. authentication tokens etc.

To mitigate this, enable query fields or header fields to be excluded from the trace (or at least masked with a dummy value) by the hosting application.

I think this will be simple to achieve by adding configurable filters to akka.tracing.play.TracingSettings which can be applied in addHttpAnnotations.

(I will try and implement this week)
drpacman added a commit to drpacman/akka-tracing that referenced this issue Jul 6, 2015
@drpacman
Issue levkhomich#61 - enable exclusion of specific query and header v…
62229e1 
…alues from traces
levkhomich added a commit that referenced this issue Sep 9, 2015
@levkhomich
Merge pull request #62 from drpacman/master
942574b 
Issue #61 - enable exclusion of specific query and header values from traces
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@drpacman