fix: redact query of location header

The location header may contain sensitive information in the query, which is why we redact it as well.
ory · Feb 14, 2025 · b1376ed · b1376ed
1 parent b546637
commit b1376ed
Showing 1 changed file with 16 additions and 3 deletions.
diff --git a/logrusx/helper.go b/logrusx/helper.go
@@ -58,10 +58,23 @@ func (l *Logger) HTTPHeadersRedacted(h http.Header) map[string]interface{} {
 	headers := map[string]interface{}{}
 
 	for key, value := range h {
-		keyLower := strings.ToLower(key)
-		if keyLower == "authorization" || keyLower == "cookie" || keyLower == "set-cookie" || keyLower == "x-session-token" {
+		switch keyLower := strings.ToLower(key); keyLower {
+		case "authorization", "cookie", "set-cookie", "x-session-token":
 			headers[keyLower] = l.maybeRedact(value)
-		} else {
+		case "location":
+			locationURL, err := url.Parse(h.Get("Location"))
+			if err != nil {
+				headers[keyLower] = l.maybeRedact(value)
+				continue
+			}
+			if l.leakSensitive {
+				headers[keyLower] = locationURL.String()
+			} else {
+				locationURL.RawQuery = ""
+				locationURL.Fragment = ""
+				headers[keyLower] = locationURL.Redacted()
+			}
+		default:
 			headers[keyLower] = h.Get(key)
 		}
 	}