summaryrefslogtreecommitdiff
path: root/caddyconfig
diff options
context:
space:
mode:
authorFrancis Lavoie <lavofr@gmail.com>2021-12-02 15:26:24 -0500
committerGitHub <noreply@github.com>2021-12-02 13:26:24 -0700
commit5bf0adad8748e96e10529d5fc5777afc9236a7b5 (patch)
treeb26d766d1686f39d5d43847d4742782fa5524c4f /caddyconfig
parent8e5aafa5cdb0bd6ad062014172ed21fdc1012cc1 (diff)
caddyhttp: Make logging of credential headers opt-in (#4438)
Diffstat (limited to 'caddyconfig')
-rw-r--r--caddyconfig/httpcaddyfile/serveroptions.go31
1 files changed, 22 insertions, 9 deletions
diff --git a/caddyconfig/httpcaddyfile/serveroptions.go b/caddyconfig/httpcaddyfile/serveroptions.go
index 9e94b86..623f4d7 100644
--- a/caddyconfig/httpcaddyfile/serveroptions.go
+++ b/caddyconfig/httpcaddyfile/serveroptions.go
@@ -33,15 +33,16 @@ type serverOptions struct {
ListenerAddress string
// These will all map 1:1 to the caddyhttp.Server struct
- ListenerWrappersRaw []json.RawMessage
- ReadTimeout caddy.Duration
- ReadHeaderTimeout caddy.Duration
- WriteTimeout caddy.Duration
- IdleTimeout caddy.Duration
- MaxHeaderBytes int
- AllowH2C bool
- ExperimentalHTTP3 bool
- StrictSNIHost *bool
+ ListenerWrappersRaw []json.RawMessage
+ ReadTimeout caddy.Duration
+ ReadHeaderTimeout caddy.Duration
+ WriteTimeout caddy.Duration
+ IdleTimeout caddy.Duration
+ MaxHeaderBytes int
+ AllowH2C bool
+ ExperimentalHTTP3 bool
+ StrictSNIHost *bool
+ ShouldLogCredentials bool
}
func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (interface{}, error) {
@@ -134,6 +135,12 @@ func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (interface{}, error
}
serverOpts.MaxHeaderBytes = int(size)
+ case "log_credentials":
+ if d.NextArg() {
+ return nil, d.ArgErr()
+ }
+ serverOpts.ShouldLogCredentials = true
+
case "protocol":
for nesting := d.Nesting(); d.NextBlock(nesting); {
switch d.Val() {
@@ -222,6 +229,12 @@ func applyServerOptions(
server.AllowH2C = opts.AllowH2C
server.ExperimentalHTTP3 = opts.ExperimentalHTTP3
server.StrictSNIHost = opts.StrictSNIHost
+ if opts.ShouldLogCredentials {
+ if server.Logs == nil {
+ server.Logs = &caddyhttp.ServerLogConfig{}
+ }
+ server.Logs.ShouldLogCredentials = opts.ShouldLogCredentials
+ }
}
return nil