Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature/2409/hide `HttpEntity.Strict` body data by default #2737

Open
wants to merge 1 commit into
base: master
from

Conversation

@pfcoperez
Copy link

commented Oct 1, 2019

Purpose

Aimed to avoid PII and SPI leakage, partially tackles #2409

References

References #2560
References #2412
References #2409 (comment)
References #2412 (review)

Changes

This PR makes HttpEntity.Strict#toString method to print just the entity content type and its contents size. Replacing the previous behaviour which included the whole contents (or their beginning if they were excessively long).

Background Context

#2560 (review)

avoid including body data from strict entities (not a good idea anyways)

@akka-ci

This comment has been minimized.

Copy link
Collaborator

commented Oct 1, 2019

Thank you for your pull request! After a quick sanity check one of the team will reply with 'OK TO TEST' to kick off our automated validation on Jenkins. This compiles the project, runs the tests, and checks for things like binary compatibility and source code formatting. When two team members have also manually reviewed and (perhaps after asking for some amendments) accepted your contribution, it should be good to be merged.

For more details about our contributing process, check out CONTRIBUTING.md - and feel free to ask!

…ize. Including this data (or chunk of it) makes easy to inadvertently leak sensitive information in logs and left-behind output operations.
@pfcoperez pfcoperez force-pushed the pfcoperez:feature/2409/hide_strict_entity_body branch from fa616ca to e79d71c Oct 1, 2019
@raboof

This comment has been minimized.

Copy link
Member

commented Oct 4, 2019

OK TO TEST

@raboof
raboof approved these changes Oct 4, 2019
Copy link
Member

left a comment

Seems reasonable to me

@akka-ci akka-ci added validating tested and removed validating labels Oct 4, 2019
@akka-ci

This comment has been minimized.

Copy link
Collaborator

commented Oct 4, 2019

Test PASSed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.