-
Notifications
You must be signed in to change notification settings - Fork 53
Open
Description
Followup to #7339.
omicron/nexus/src/app/audit_log.rs
Lines 87 to 103 in 6ab7e96
| // A note on the handling of request URI: request.request.uri() is a | |
| // http::Uri, which contains the scheme and host only if they are in the | |
| // HTTP request line itself, i.e., only for HTTP/2 requests. So for HTTP/1.1 | |
| // requests, all we'll have is a path. We are truncating it because it can | |
| // be arbitrarily long in theory, and we don't want to let people jam very | |
| // long strings into the DB. | |
| // | |
| // We could use the authority_for_request helper defined elsewhere to pull | |
| // the authority out of either the URI or the host header as appropriate | |
| // and log that in a dedicated column. In that case I think we would want | |
| // to log uri().path_and_query() instead of the full URI -- the only problem | |
| // is that path_and_query() returns an option, so we'd need to decide what | |
| // to fall back to, though in practice I don't think it's possible for it to | |
| // come back as `None` because every operation we audit log has a path. | |
| // | |
| // We should also consider redacting query strings or at least building in | |
| // some tooling to help us make sure we're not logging anything sensitive. |
Metadata
Metadata
Assignees
Labels
No labels