ensure we're not printing out the authorization token

ipfs-shipyard · Mar 22, 2022 · c58f25d · c58f25d
1 parent d935dd7
commit c58f25d
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/src/middleware/requestReponseLogger.ts b/src/middleware/requestReponseLogger.ts
@@ -24,12 +24,15 @@ const stringifyHeaders = (headers?: Headers | HeadersInit) => {
     })
   } else {
     const headersInit = headers as Record<string, string>
-    for (const key in headersInit) {
-      if (Object.prototype.isPrototypeOf.call(headersInit, key)) {
-        const val = headersInit[key]
-        headerString = `${headerString}${key}:${val};`
+    console.log('headersInit: ', headersInit)
+    Object.keys(headersInit).forEach((key) => {
+      let val = headersInit[key]
+      if (/authorization/i.test(key)) {
+        // Authorization: <auth-scheme> <authorization-parameters>
+        val = `${val.split(' ')[0]} REDACTED`
       }
-    }
+      headerString = `${headerString}${key}:${val};`
+    })
   }
   return headerString
 }