diff options
author | Francis Lavoie <lavofr@gmail.com> | 2021-12-02 15:26:24 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-12-02 13:26:24 -0700 |
commit | 5bf0adad8748e96e10529d5fc5777afc9236a7b5 (patch) | |
tree | b26d766d1686f39d5d43847d4742782fa5524c4f /caddyconfig | |
parent | 8e5aafa5cdb0bd6ad062014172ed21fdc1012cc1 (diff) |
caddyhttp: Make logging of credential headers opt-in (#4438)
Diffstat (limited to 'caddyconfig')
-rw-r--r-- | caddyconfig/httpcaddyfile/serveroptions.go | 31 |
1 files changed, 22 insertions, 9 deletions
diff --git a/caddyconfig/httpcaddyfile/serveroptions.go b/caddyconfig/httpcaddyfile/serveroptions.go index 9e94b86..623f4d7 100644 --- a/caddyconfig/httpcaddyfile/serveroptions.go +++ b/caddyconfig/httpcaddyfile/serveroptions.go @@ -33,15 +33,16 @@ type serverOptions struct { ListenerAddress string // These will all map 1:1 to the caddyhttp.Server struct - ListenerWrappersRaw []json.RawMessage - ReadTimeout caddy.Duration - ReadHeaderTimeout caddy.Duration - WriteTimeout caddy.Duration - IdleTimeout caddy.Duration - MaxHeaderBytes int - AllowH2C bool - ExperimentalHTTP3 bool - StrictSNIHost *bool + ListenerWrappersRaw []json.RawMessage + ReadTimeout caddy.Duration + ReadHeaderTimeout caddy.Duration + WriteTimeout caddy.Duration + IdleTimeout caddy.Duration + MaxHeaderBytes int + AllowH2C bool + ExperimentalHTTP3 bool + StrictSNIHost *bool + ShouldLogCredentials bool } func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (interface{}, error) { @@ -134,6 +135,12 @@ func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (interface{}, error } serverOpts.MaxHeaderBytes = int(size) + case "log_credentials": + if d.NextArg() { + return nil, d.ArgErr() + } + serverOpts.ShouldLogCredentials = true + case "protocol": for nesting := d.Nesting(); d.NextBlock(nesting); { switch d.Val() { @@ -222,6 +229,12 @@ func applyServerOptions( server.AllowH2C = opts.AllowH2C server.ExperimentalHTTP3 = opts.ExperimentalHTTP3 server.StrictSNIHost = opts.StrictSNIHost + if opts.ShouldLogCredentials { + if server.Logs == nil { + server.Logs = &caddyhttp.ServerLogConfig{} + } + server.Logs.ShouldLogCredentials = opts.ShouldLogCredentials + } } return nil |