Sanitization

Sanitization will help you to protect sensitive data (passwords, secret keys, etc.) from leakage.

You should always the log, so no personal tokens and/or keys can leak.

If you don't use sanitization at all, the request and response logs will not be available in the .

...
"log": {
        "sanitize": ["request.headers.accesstoken"]
    }
...

Accesstoken is correctly mapped, therefore it is not exposed.

...
"log": {
        "sanitize": ["request.headers.token"]
    }
...

Notice, the accesstoken was misplaced for token. Therefore the accesstoken was exposed in the log.

Even though there are many standardized authorization protocols (like OAuth 2), there are many services thinking they can do it better so remember to check how the service implements the authorization and set it up correctly.

PreviousError handling NextAdvanced inheritance

Last updated 4 months ago