Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hide body and headers by default in HttpRequest#toString and HttpResponse#toString #2560

Merged
merged 9 commits into from May 21, 2020
Merged

Hide body and headers by default in HttpRequest#toString and HttpResponse#toString #2560

merged 9 commits into from May 21, 2020

Commits on May 21, 2020

  1. Hide body and headers by default in HttpRequest#toString and `HttpR… 

    …esponse#toString`.
    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    11b989d View commit details
    Browse the repository at this point in the history

  2. Refrain from using legal-ish language in the technical documentation.

    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    81b2170 View commit details
    Browse the repository at this point in the history

  3. Extension implicit class example as a way of adding show method to … 

    …`HttpRequest` and `HttpResponse`
    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    e598e27 View commit details
    Browse the repository at this point in the history

  4. Removed Cats and Scalaz dependencies from the documentation project t… 

    …hus also removing examples using their type classes.
    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    fb515c4 View commit details
    Browse the repository at this point in the history

  5. Simplifies Scala examples and adds its Java counterparts.

    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    8ffe1c5 View commit details
    Browse the repository at this point in the history

  6. Add a HttpModel#safeToString method which can be invoked by potenti… 

    …ally PII/Sensitive information leaking code, such `HttpMessage#toString`.

It defaults to not showing more than the header name except for modeled headers which are considered safe by default and, therefore, use `toString` implementation.
10 modeled headers have been identified as containers of sensitive information and these override modeled headers default behaviour.
    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    bccce9f View commit details
    Browse the repository at this point in the history

  7. Autoformatted code

    @jrudolph @raboof
    jrudolph authored and raboof committed May 21, 2020
    Copy the full SHA
    1e5512c View commit details
    Browse the repository at this point in the history

  8. Enable assertions which depended on akka#2737 as it has already been … 

    …merged.
    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    36c5f1e View commit details
    Browse the repository at this point in the history

  9. Make toString use the safe representation for those headers marked … 

    …as sensitive by mixing `SensitiveHttpHeader`.

Unsafe, not redacted version, can now be accessed via `unsafeToString` method.
    @pfcoperez @raboof
    pfcoperez authored and raboof committed May 21, 2020
    Copy the full SHA
    a12513d View commit details
    Browse the repository at this point in the history