Commit 185d00d
PLT-287: Harden HTTP logging and header limits (#191)
* PLT-287: Harden HTTP logging and header limits
Skip body logging for compressed responses (gzip, br, deflate) in both
logResponse() and handleFileLogging() — log headers with a [body omitted]
notice instead of dumping garbled binary bytes to structured logs.
Cap MaxBodyLogSize default to 10KB when LogBody is enabled and no
explicit limit is set, preventing unbounded body logging.
Add MaxHeaderBytes to httpserver (default 32KB) to reject oversized
request headers with 431 before reaching application code.
* Address Copilot PR feedback on MaxHeaderBytes tests
- Validate MaxHeaderBytes <= 0 (not just == 0) so negative values
cannot silently bypass the 32KB default
- Replace NUL-byte header payload with valid ASCII; the original test
was passing due to client-side rejection, not server-side enforcement
- Account for Go's 4096-byte internal overhead in MaxHeaderBytes check
- Assert network error type on connection-reset path instead of silently
passing on unexpected errors
* Fix gosec lint findings in httpclient logger
- Sanitize id parameter in LogRequest, LogResponse, and
LogTransactionToFile before using in file paths (G703)
- Add nolint directives for G705 false positives — fmt.Fprintf writes
to local log files, not HTTP responses
* Potential fix for code scanning alert no. 224: Log entries created from user input
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Lower MaxBodyLogSize default to 1KB; omit binary content types from logs
- Reduce MaxBodyLogSize default from 10KB to 1KB to keep structured log
entries reasonable for log aggregators
- Extract shouldOmitResponseBody() helper to check both Content-Encoding
and Content-Type, used by logResponse and handleFileLogging
- Omit body for binary content types (images, PDFs, protobuf,
octet-stream, etc.) even without Content-Encoding
- Allow text-based types: text/*, application/json, +json, +xml, etc.
* Add E2E integration test for gzip body logging with httpclient proxy
Add an integration test in examples/http-client that bootstraps the
httpclient module through the modular framework with verbose logging
and DisableCompression enabled, then exercises the transport through
an httputil.ReverseProxy — the same wiring reverseproxy uses at
module.go:1581. Asserts that log output contains the body-omission
notice for gzip responses and does not contain raw binary bytes.
* Fix gosec lint findings in reverseproxy module
Add nolint annotations for:
- G704 (SSRF) in composite.go and dryrun.go: URLs are built from
configured backend addresses, not user input
- G118 (context leak) in health_checker.go: cancel func is stored
on the struct and called in Stop()
* Fix flaky TestAffiliateBackendOverrideRouting test
The test captured the first HandleFunc("/*") from the mock router,
but setupBackendRoutes registers one per backend using map iteration
(random order). When the "chimera" handler was captured instead of
"legacy", the proxy tried to reach bing.com and failed with 500.
Fix by capturing the last "/*" handler, which is the catch-all from
registerBasicRoutes that properly routes all paths via pattern matching.
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

1 parent d84294f commit 185d00d

File tree
15 files changed, +771 -64 lines changed
- examples/http-client
- modules
  - httpclient
  - httpserver
  - reverseproxy
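As an added example, not the project's own code, here is a Go version of the body-omission rule and the default body-size cap the commit message describes. The names ShouldOmitResponseBody, BodyLogField and DefaultMaxBodyLogSize are assumed, and it generalizes the rule slightly: any Content-Encoding other than identity counts as compressed, and a missing or unparseable Content-Type is treated as not provably text.

```go
package main

import (
	"fmt"
	"mime"
	"net/http"
	"strings"
)

const DefaultMaxBodyLogSize = 1024 // cap used when LogBody is on and no explicit limit is set

// ShouldOmitResponseBody reports whether a body must stay out of logs, and why.
func ShouldOmitResponseBody(h http.Header) (bool, string) {
	enc := strings.ToLower(strings.TrimSpace(h.Get("Content-Encoding")))
	if enc != "" && enc != "identity" { // gzip, br, deflate or anything unknown
		return true, "content-encoding " + enc
	}
	mt, _, err := mime.ParseMediaType(h.Get("Content-Type"))
	if err != nil { // assumption: a missing or malformed type is not provably text
		return true, "unknown content-type"
	}
	if isTextLike(mt) {
		return false, ""
	}
	return true, "binary content-type " + mt
}

// isTextLike allows text/*, JSON, XML, form bodies and +json/+xml suffixed types.
func isTextLike(mt string) bool {
	return strings.HasPrefix(mt, "text/") || mt == "application/json" || mt == "application/xml" ||
		mt == "application/x-www-form-urlencoded" || strings.HasSuffix(mt, "+json") || strings.HasSuffix(mt, "+xml")
}

// BodyLogField is the log entry's body field: the omission notice, or the body cut to max bytes (max <= 0 selects the default cap).
func BodyLogField(h http.Header, body []byte, max int) string {
	if omit, why := ShouldOmitResponseBody(h); omit {
		return "[body omitted: " + why + "]"
	}
	if max <= 0 {
		max = DefaultMaxBodyLogSize
	}
	if len(body) > max {
		return string(body[:max]) + "...[truncated]"
	}
	return string(body)
}

func main() { // prints: [body omitted: binary content-type image/png]
	fmt.Println(BodyLogField(http.Header{"Content-Type": {"image/png"}}, []byte{0x89, 'P', 'N', 'G'}, 0))
}
```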