Replace API key redaction with SHA256 hash display
Instead of showing generic "[REDACTED]" for sensitive headers, the SanitizeHeaders function now calculates and displays the SHA256 hash of each API key. This provides: - Better debugging capabilities by allowing key identification via hash - Traceability of specific API keys across requests - Maintained security as actual keys are never exposed Changes in proxy/internal/handler/utils.go 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Elifarley C
parent
dd812ab15e
commit
a86d7cd3d6
1 changed files with 7 additions and 1 deletions
|
|
@ -36,7 +36,13 @@ func SanitizeHeaders(headers http.Header) http.Header {
|
|||
}
|
||||
|
||||
if isSensitive {
|
||||
sanitized[key] = []string{"[REDACTED]"}
|
||||
// Calculate SHA256 hash for each sensitive header value
|
||||
hashedValues := make([]string, len(values))
|
||||
for i, value := range values {
|
||||
hash := sha256.Sum256([]byte(value))
|
||||
hashedValues[i] = fmt.Sprintf("sha256:%x", hash)
|
||||
}
|
||||
sanitized[key] = hashedValues
|
||||
} else {
|
||||
sanitized[key] = values
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue