Skip to content
This repository was archived by the owner on Nov 17, 2018. It is now read-only.

Masking sensitive data in URL for logging #160

Closed
joacar opened this issue Aug 17, 2018 · 2 comments
Closed

Masking sensitive data in URL for logging #160

joacar opened this issue Aug 17, 2018 · 2 comments
Labels
question

Comments

@joacar
Copy link

joacar commented Aug 17, 2018

Hi,

Great work on this!

I wonder if there is any plan implementing an extensibility point to mask/remove sensitive data from HttpRequestMessage logging, for example in url?
@rynowak
Copy link
Member

rynowak commented Aug 28, 2018

You can remove the built in logging by either filtering out of all of the relevant categories or removing all services of type IHttpMessageHandlerBuilderFilter from the service collection in ConfigureServices.

Be aware though the in ASP.NET Core broadly we don't consider URLs to be sensitive data, we log them all over the place.

@rynowak
Copy link
Member

rynowak commented Sep 10, 2018

Closing this as its been answered. Let us know if we can do anything else to help.

@rynowak rynowak closed this as completed Sep 10, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joacar @rynowak