This is an automated email from the ASF dual-hosted git repository.
liaoxin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new 0b93558abb9 [enhance](auth)Hidden the auth info during StreamLoad in
BE info (#59743)
0b93558abb9 is described below
commit 0b93558abb953e823f62c1c0f253945d60a0e768
Author: Refrain <[email protected]>
AuthorDate: Wed Jan 21 15:54:54 2026 +0800
[enhance](auth)Hidden the auth info during StreamLoad in BE info (#59743)
---
be/src/http/action/stream_load_forward_handler.cpp | 8 +-------
be/src/http/http_request.cpp | 16 ++++++++++++++--
2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/be/src/http/action/stream_load_forward_handler.cpp
b/be/src/http/action/stream_load_forward_handler.cpp
index d3d713971ca..37657947ba5 100644
--- a/be/src/http/action/stream_load_forward_handler.cpp
+++ b/be/src/http/action/stream_load_forward_handler.cpp
@@ -32,12 +32,6 @@ namespace doris {
#include "common/compile_check_begin.h"
int StreamLoadForwardHandler::on_header(HttpRequest* req) {
- std::ostringstream headers_info;
- const auto& headers = req->headers();
- for (const auto& header : headers) {
- headers_info << header.first << ":" << header.second << " ";
- }
-
std::ostringstream params_info;
const auto* params = req->params();
for (const auto& param : *params) {
@@ -46,7 +40,7 @@ int StreamLoadForwardHandler::on_header(HttpRequest* req) {
LOG(INFO) << "StreamLoadForward request started - "
<< "path: " << req->raw_path() << ", remote: " <<
req->remote_host() << ", headers: ["
- << headers_info.str() << "]"
+ << req->get_all_headers() << "]"
<< ", params: [" << params_info.str() << "]";
std::shared_ptr<StreamLoadForwardContext> ctx(new
StreamLoadForwardContext());
diff --git a/be/src/http/http_request.cpp b/be/src/http/http_request.cpp
index 01d644da831..d077b9a543d 100644
--- a/be/src/http/http_request.cpp
+++ b/be/src/http/http_request.cpp
@@ -29,6 +29,7 @@
#include <utility>
#include "http/http_handler.h"
+#include "http/http_headers.h"
#include "runtime/stream_load/stream_load_context.h"
#include "util/stack_util.h"
@@ -87,7 +88,12 @@ std::string HttpRequest::debug_string() const {
<< "raw_path:" << _raw_path << "\n"
<< "headers: \n";
for (auto& iter : _headers) {
- ss << "key=" << iter.first << ", value=" << iter.second << "\n";
+ if (iequal(iter.first, HttpHeaders::AUTHORIZATION) ||
+ iequal(iter.first, HttpHeaders::PROXY_AUTHORIZATION)) {
+ ss << "key=" << iter.first << ", value=***MASKED***\n";
+ } else {
+ ss << "key=" << iter.first << ", value=" << iter.second << "\n";
+ }
}
ss << "params: \n";
for (auto& iter : _params) {
@@ -116,7 +122,13 @@ const std::string& HttpRequest::param(const std::string&
key) const {
std::string HttpRequest::get_all_headers() const {
std::stringstream headers;
for (const auto& header : _headers) {
- headers << header.first << ":" << header.second + ", ";
+ // Mask sensitive headers
+ if (iequal(header.first, HttpHeaders::AUTHORIZATION) ||
+ iequal(header.first, HttpHeaders::PROXY_AUTHORIZATION)) {
+ headers << header.first << ":***MASKED***, ";
+ } else {
+ headers << header.first << ":" << header.second + ", ";
+ }
}
return headers.str();
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
