Skip to content

Hash data queue#5

Merged
solitarysp merged 2 commits into
mainfrom
hash-data-queue
Oct 26, 2025
Merged

Hash data queue#5
solitarysp merged 2 commits into
mainfrom
hash-data-queue

Conversation

@solitarysp
Copy link
Copy Markdown
Contributor

@solitarysp solitarysp commented Oct 26, 2025

No description provided.

@solitarysp
Bump Docker image version to v1.3.0
1f8c3f8 
Update docker-compose.yml to use thanhlvcom/proxy-queue:v1.3.0
reflecting the latest release with security enhancements.
@solitarysp
Add security enhancement for sensitive header data protection
9a17d72 
Implement hashing for sensitive header values in logs and queue keys to prevent
credential exposure. This includes:

- Hash sensitive headers (authorization, api keys, cookies, tokens) in debug logs
- Use SHA256 hashing for queue keys to avoid storing sensitive data in memory
- Add helper functions isSensitiveHeader() and hashHeaderValue() for security
- Display truncated hash values in logs for debugging while maintaining security
- Apply hashing consistently across HTTP request/response logging and queue management

Security headers protected: Authorization, X-Amz-Security-Token, X-API-Key,
Cookie, Set-Cookie, X-Auth-Token, Bearer tokens.

Fixes potential credential leakage in debug logs and memory structures while
maintaining queue functionality and debugging capabilities.
@solitarysp solitarysp merged commit 7b79e2c into main Oct 26, 2025
1 check passed
@solitarysp solitarysp deleted the hash-data-queue branch October 26, 2025 14:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@solitarysp