Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend list of HTTP headers considered sensitive #2455

Merged
merged 3 commits into from
Jan 10, 2023
Merged

Extend list of HTTP headers considered sensitive #2455

merged 3 commits into from
Jan 10, 2023

Conversation

adinauer
Copy link
Member

@adinauer adinauer commented Jan 5, 2023

馃摐 Description

Use HttpUtils where it wasn't before and add more headers that are considered sensitive.

馃挕 Motivation and Context

Fixes #2454

馃挌 How did you test it?

馃摑 Checklist

  • I reviewed the submitted code
  • I added tests to verify the changes
  • I updated the docs if needed
  • No breaking changes

馃敭 Next steps

@github-actions
Copy link
Contributor

github-actions bot commented Jan 5, 2023
edited

Performance metrics 馃殌

Plain With Sentry Diff
Startup time 317.64 ms 367.12 ms 49.48 ms
Size 1.73 MiB 2.33 MiB 616.92 KiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
4a9c176 320.62 ms 334.68 ms 14.06 ms
a04f788 321.78 ms 354.12 ms 32.35 ms
f1150bc 306.15 ms 306.58 ms 0.44 ms
d00c464 337.43 ms 387.57 ms 50.15 ms
f55020d 338.00 ms 370.74 ms 32.74 ms
4a9c176 319.77 ms 363.20 ms 43.43 ms
703d523 275.51 ms 323.02 ms 47.51 ms
ecf9680 321.55 ms 385.52 ms 63.97 ms
b85d8aa 289.35 ms 335.92 ms 46.56 ms
90e9745 314.68 ms 357.28 ms 42.60 ms

App size

Revision Plain With Sentry Diff
4a9c176 1.73 MiB 2.33 MiB 612.69 KiB
a04f788 1.73 MiB 2.32 MiB 609.88 KiB
f1150bc 1.73 MiB 2.33 MiB 615.66 KiB
d00c464 1.73 MiB 2.33 MiB 613.02 KiB
f55020d 1.73 MiB 2.33 MiB 616.54 KiB
4a9c176 1.73 MiB 2.33 MiB 612.69 KiB
703d523 1.73 MiB 2.33 MiB 613.23 KiB
ecf9680 1.73 MiB 2.32 MiB 612.39 KiB
b85d8aa 1.73 MiB 2.32 MiB 611.62 KiB
90e9745 1.73 MiB 2.32 MiB 608.63 KiB

Previous results on branch: feta/add-more-sensitive-http-headers

Startup times

Revision Plain With Sentry Diff
0eb52e9 414.48 ms 459.14 ms 44.66 ms

App size

Revision Plain With Sentry Diff
0eb52e9 1.73 MiB 2.33 MiB 616.87 KiB

@adinauer adinauer changed the title Add more sensitive HTTP headers Extend list of http headers considered sensitive Jan 9, 2023
@adinauer adinauer changed the title Extend list of http headers considered sensitive Extend list of HTTP headers considered sensitive Jan 9, 2023
@adinauer adinauer merged commit a3f5149 into main Jan 10, 2023
@adinauer adinauer deleted the feta/add-more-sensitive-http-headers branch January 10, 2023 05:17
@gslevinkov gslevinkov mentioned this pull request Jan 20, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@romtsn romtsn romtsn approved these changes

@stefanosiano stefanosiano Awaiting requested review from stefanosiano stefanosiano is a code owner

@markushi markushi Awaiting requested review from markushi markushi is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

X-Real-IP is not considered a sensitive header but should be
2 participants
@adinauer @romtsn