Hide sensitive data from http actions logs
For now, Mistral has no instruments for hiding sensitive data from http action logs.
It could lead to the problem, when customer sensitive data (e.g. some tokens) could be accessible for everyone who had access to logs.
HTTP action could have this sensitive information:
* Request Headers
* Request Body
* Response Body
We should create an ability to configure what we should hide from mistral logs.
Example of how it could be configured:
[action_logging]
hide_response_body = true
hide_request_body = true
sensitive_headers = Header1, Header2
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Oleg Ovcharuk
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Add an ability to hide sensitive data from http action logs