Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Docs] Warn users about printing headers in HTTP access logs #43156

New issue
New issue
Closed
enhancement
#44353
Closed
[Docs] Warn users about printing headers in HTTP access logs#43156
enhancement
#44353
Assignees
mabartos
Labels
area/docsarea/observabilityIssues related to traces, metrics, and logskind/enhancementCategorizes a PR related to an enhancementpriority/importantMust be worked on very soonrelease/26.4.7release/26.5.0team/cloud-native
@mabartos

Description

@mabartos
mabartos
opened on Oct 2, 2025

Description

We support 3 log patterns/formats for printing out HTTP access logs - common(default), combined, or long.

The long pattern prints out even all headers with sensitive information like Authorization, Cookie,...

It'd be good to mention it in the docs that administrators should be careful with handling the information, as it can be used for some malicious activity when obtained by an attacker.

Discussion

No response

Motivation

Improve security

Details

No response

Metadata

Metadata

Assignees

Labels

area/docsarea/observabilityIssues related to traces, metrics, and logskind/enhancementCategorizes a PR related to an enhancementpriority/importantMust be worked on very soonrelease/26.4.7release/26.5.0team/cloud-native

Type

enhancement

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions