Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Breaking change]: Uri query redaction in HttpClient EventSource events #42794

Closed
1 of 3 tasks
liveans opened this issue Oct 2, 2024 · 0 comments · Fixed by #43351
Closed
1 of 3 tasks

[Breaking change]: Uri query redaction in HttpClient EventSource events #42794

liveans opened this issue Oct 2, 2024 · 0 comments · Fixed by #43351
Assignees
Labels
breaking-change Indicates a .NET Core breaking change doc-idea Indicates issues that are suggestions for new topics [org][type][category] in-pr This issue will be closed (fixed) by an active pull request. Pri1 High priority, do before Pri2 and Pri3 📌 seQUESTered Identifies that an issue has been imported into Quest.

Comments

@liveans
Copy link
Member

liveans commented Oct 2, 2024

Description

In .NET 9, the default behavior of EventSource events emitted by HttpClient / SocketsHttpHandler has been modified to scrub query strings (EventSource name: System.Net.Http). This change is aimed at enhancing privacy by preventing the logging of potentially sensitive information contained in query strings. For scenarios where consuming query strings is necessary and deemed safe, this behavior can be overridden by enabling the System.Net.Http.DisableUriRedaction AppContext switch or by setting the DOTNET_SYSTEM_NET_HTTP_DISABLEURIREDACTION environment variable.

Version

.NET 9 Preview 7

Previous behavior

Previously, events emitted by HttpClient / SocketsHttpHandler included query string information, which could inadvertently expose sensitive information.

New behavior

With the change in dotnet/runtime#104741, query strings are replaced by a * character in HttpClient / SocketsHttpHandler events by default. This affects specific events and parameters such as pathAndQuery in RequestStart and redirectUri in Redirect. Developers can enable query string logging globally by setting the System.Net.Http.DisableUriRedaction AppContext switch or the DOTNET_SYSTEM_NET_HTTP_DISABLEURIREDACTION environment variable.

Type of breaking change

  • Binary incompatible: Existing binaries might encounter a breaking change in behavior, such as failure to load or execute, and if so, require recompilation.
  • Source incompatible: When recompiled using the new SDK or component or to target the new runtime, existing source code might require source changes to compile successfully.
  • Behavioral change: Existing binaries might behave differently at run time.

Reason for change

The primary reason for this change is to enhance privacy by reducing the risk of sensitive information being logged inadvertently. Query strings often contain sensitive data and redacting them from logs by default helps protect this information.

Recommended action

If you need query string information when consuming HttpClient / SocketsHttpHandler events and you are confident that it is safe to do so, you can enable query string logging globally by setting the System.Net.Http.DisableUriRedaction AppContext switch or the DOTNET_SYSTEM_NET_HTTP_DISABLEURIREDACTION environment variable. Otherwise, no action is required, and the default behavior will help enhance the privacy aspects of your application.

If you are using IHttpClientFactory, note that these switches will also disable query string redaction in the default IHttpClientFactory logs.

Feature area

Networking

Affected APIs

  • System.Net.Http.SocketsHttpHandler.Send(...) (overrides HttpMessageHandler.Send(...))
  • System.Net.Http.SocketsHttpHandler.SendAsync(...) (overrides HttpMessageHandler.SendAsync(...))

Associated WorkItem - 340217

@liveans liveans added doc-idea Indicates issues that are suggestions for new topics [org][type][category] breaking-change Indicates a .NET Core breaking change Pri1 High priority, do before Pri2 and Pri3 labels Oct 2, 2024
@dotnetrepoman dotnetrepoman bot added ⌚ Not Triaged Not triaged labels Oct 2, 2024
@gewarren gewarren added 🗺️ reQUEST Triggers an issue to be imported into Quest. and removed ⌚ Not Triaged Not triaged labels Nov 4, 2024
@sequestor sequestor bot added 📌 seQUESTered Identifies that an issue has been imported into Quest. and removed 🗺️ reQUEST Triggers an issue to be imported into Quest. labels Nov 5, 2024
@dotnetrepoman dotnetrepoman bot added ⌚ Not Triaged Not triaged and removed ⌚ Not Triaged Not triaged labels Nov 5, 2024
@gewarren gewarren moved this from 🔖 Ready to 👀 In review in dotnet/docs November 2024 sprint Nov 5, 2024
@dotnet-policy-service dotnet-policy-service bot added the in-pr This issue will be closed (fixed) by an active pull request. label Nov 5, 2024
@github-project-automation github-project-automation bot moved this from 👀 In review to ✅ Done in dotnet/docs November 2024 sprint Nov 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
breaking-change Indicates a .NET Core breaking change doc-idea Indicates issues that are suggestions for new topics [org][type][category] in-pr This issue will be closed (fixed) by an active pull request. Pri1 High priority, do before Pri2 and Pri3 📌 seQUESTered Identifies that an issue has been imported into Quest.
Projects
No open projects
Status: ✅ Done
Development

Successfully merging a pull request may close this issue.

2 participants