Skip to content

x-pack/filebeat/input/httpjson: redact authorization headers in logging#41920

Merged
efd6 merged 2 commits intoelastic:mainfrom
efd6:40997-httpjson
Dec 8, 2024
Merged

x-pack/filebeat/input/httpjson: redact authorization headers in logging#41920
efd6 merged 2 commits intoelastic:mainfrom
efd6:40997-httpjson

Conversation

@efd6
Copy link
Contributor

@efd6 efd6 commented Dec 5, 2024
edited
Loading

This requires a small duplication of the mapstr.M API to workaround an issue in that type that can result in corruption of data.

Proposed commit message

x-pack/filebeat/input/httpjson: redact authentication headers in logging

This requires a small duplication of the mapstr.M API to workaround an
issue in that type that can result in corruption of data.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Disruptive User Impact

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Use cases

Screenshots

Logs
@efd6 efd6 added enhancement Filebeat Filebeat bugfix Team:Security-Service Integrations Security Service Integrations Team labels Dec 5, 2024
@efd6 efd6 self-assigned this Dec 5, 2024
@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Dec 5, 2024
@mergify
Copy link
Contributor

mergify bot commented Dec 5, 2024

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @efd6? 🙏.
For such, you'll need to label your PR with:

  • The upcoming major version of the Elastic Stack
  • The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit
@mergify
Copy link
Contributor

mergify bot commented Dec 5, 2024

backport-8.x has been added to help with the transition to the new branch 8.x.
If you don't need it please use backport-skip label and remove the backport-8.x label.
@mergify mergify bot added the backport-8.x Automated backport to the 8.x branch with mergify label Dec 5, 2024
@efd6
x-pack/filebeat/input/httpjson: redact authentication headers in logging
6ccddbe 
This requires a small duplication of the mapstr.M API to workaround an
issue in that type that can result in corruption of data.
@efd6
Copy link
Contributor Author

efd6 commented Dec 6, 2024

/test
@efd6 efd6 marked this pull request as ready for review December 6, 2024 03:34
@efd6 efd6 requested a review from a team as a code owner December 6, 2024 03:34
@elasticmachine
Copy link
Contributor

elasticmachine commented Dec 6, 2024

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)
andrewkroh
andrewkroh approved these changes Dec 6, 2024
View reviewed changes
CHANGELOG.next.asciidoc Outdated
- Improve S3 object size metric calculation to support situations where Content-Length is not available. {pull}41755[41755]
- Fix handling of http_endpoint request exceeding memory limits. {issue}41764[41764] {pull}41765[41765]
- Rate limiting fixes in the Okta provider of the Entity Analytics input. {issue}40106[40106] {pull}41583[41583]
- Redact authentication headers in HTTPJSON debug logs. {pull}41920[41920]
Copy link
Member

@andrewkroh andrewkroh Dec 6, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Redact authentication headers in HTTPJSON debug logs. {pull}41920[41920]
- Redact authorization headers in HTTPJSON debug logs. {pull}41920[41920]

Suggestion based on the name of the actual header key.
@efd6 efd6 enabled auto-merge (squash) December 8, 2024 19:38
@efd6 efd6 changed the title x-pack/filebeat/input/httpjson: redact authentication headers in logging Dec 8, 2024
@efd6 efd6 merged commit a641687 into elastic:main Dec 8, 2024
mergify bot pushed a commit that referenced this pull request Dec 8, 2024
@efd6 @mergify
x-pack/filebeat/input/httpjson: redact authorization headers in loggi…
1447684 
…ng (#41920)

This requires a small duplication of the mapstr.M API to workaround an
issue in that type that can result in corruption of data.

(cherry picked from commit a641687)
@mergify mergify bot mentioned this pull request Dec 8, 2024
Merged
6 tasks
efd6 added a commit that referenced this pull request Dec 17, 2024
@mergify @efd6
x-pack/filebeat/input/httpjson: redact authorization headers in loggi…
bb47b7f 
…ng (#41920) (#41950)

This requires a small duplication of the mapstr.M API to workaround an
issue in that type that can result in corruption of data.

(cherry picked from commit a641687)

Co-authored-by: Dan Kortschak <dan.kortschak@elastic.co>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport-8.x Automated backport to the 8.x branch with mergify bugfix enhancement Filebeat Filebeat Team:Security-Service Integrations Security Service Integrations Team

3 participants

@efd6 @elasticmachine @andrewkroh