Skip to content

Enhancing Request Controller for Security #657

Description

@projkov

Hello everyone

During the Connectathon in Australia, we received feedback regarding a security issue. Test results can be shared, but we believe the authorization header in request data should be hidden for security reasons.

I propose enhancing the request controller to include an option to hide the value of the header named 'Authorization' when ENV['SAFE_MODE'] is set to true. What do you think?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions