feature: header encoder filter #3231

Open
wants to merge 3 commits into
base: master


szuecs
Member

@szuecs szuecs commented Sep 18, 2024

feature: header encoder filter #3230

Signed-off-by: Sandor Szücs <sandor.szuecs@zalando.de>
Signed-off-by: Sandor Szücs <sandor.szuecs@zalando.de>
@szuecs szuecs added the minor no risk changes, for example new filters label Sep 18, 2024

sNew, err := f.encoder.String(s)
if err != nil {
log.Errorf("Failed to encode %q: %v", s, err)

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High

Sensitive data returned by HTTP request headers flows to a logging call.

Copilot Autofix AI 7 days ago

To fix the problem, we should avoid logging the sensitive information directly. Instead, we can log a generic message indicating that an error occurred without including the sensitive data. This approach maintains the functionality of logging errors while protecting potentially sensitive information.

  • Modify the log statement on line 147 to remove the sensitive data (s).
  • Log a generic error message that does not include the sensitive data.
filters/builtin/header_encode.go

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/filters/builtin/header_encode.go b/filters/builtin/header_encode.go
--- a/filters/builtin/header_encode.go
+++ b/filters/builtin/header_encode.go
@@ -146,3 +146,3 @@
 	if err != nil {
-		log.Errorf("Failed to encode %q: %v", s, err)
+		log.Errorf("Failed to encode header value: %v", err)
 	}
EOF
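Review bot: the replacement message at line 147, "Failed to encode header value: %v", no longer says which header failed, so an operator reading the log cannot tie the error to a particular header or route. If the header name is in scope at this point, log the name rather than the value, and keep `s` out of the message as this change does. Separately, the `if err != nil` branch in lines 146-148 only logs and then falls through, so it is worth confirming in the code after line 148 that `sNew` is not written back to the request when encoding failed.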