authorVika <vika@fireburn.ru>2024-03-25 03:15:47 +0300
committerVika <vika@fireburn.ru>2024-06-14 22:21:26 +0300
commit6c280c3d6760621f8b50e56cf477f9286d35ffce (patch)
treec620abcc8c4d836f519caa897c96e9ce4a5652d3
parent8fd75d6dc74db029ddfdb64dedcc2779f0f82455 (diff)
downloadkittybox-6c280c3d6760621f8b50e56cf477f9286d35ffce.tar.zst
Mask sensitive headers
-rw-r--r--Cargo.toml2
-rw-r--r--src/main.rs8
2 files changed, 8 insertions, 2 deletions
diff --git a/Cargo.toml b/Cargo.toml
index 17e377b..809e68b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -96,7 +96,7 @@ tracing = { version = "0.1.34", features = [] }
 tracing-tree = "0.2.1"
 tracing-log = "0.1.3"
 tracing-subscriber = { version = "0.3.11", features = ["env-filter", "json"] }
-tower-http = { version = "0.3.3", features = ["trace", "cors", "catch-panic"] }
+tower-http = { version = "0.3.3", features = ["trace", "cors", "catch-panic", "sensitive-headers"] }
 tower = { version = "0.4.12", features = ["tracing"] }
 webauthn = { version = "0.4.5", package = "webauthn-rs", features = ["danger-allow-state-serialisation"], optional = true }
 [dependencies.tokio]
diff --git a/src/main.rs b/src/main.rs
index 6389489..b7a6035 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -229,7 +229,13 @@ async fn compose_kittybox(
         .route("/.kittybox/coffee", teapot_route())
         .nest("/.kittybox/micropub/client", kittybox::companion::router())
         .layer(tower_http::trace::TraceLayer::new_for_http())
-        .layer(tower_http::catch_panic::CatchPanicLayer::new());
+        .layer(tower_http::catch_panic::CatchPanicLayer::new())
+        .layer(tower_http::sensitive_headers::SetSensitiveHeadersLayer::new([
+            axum::http::header::AUTHORIZATION,
+            // Not used yet, but will be eventually
+            axum::http::header::COOKIE,
+            axum::http::header::SET_COOKIE,
+        ]));
 
     (router, task)
 }
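Review bot: The `SET_COOKIE` entry is marked sensitive on the response path outside `TraceLayer`, so it does not protect what the trace layer can log. With axum's `.layer()` ordering the last layer added is outermost, so requests are marked before tracing sees them but responses only after `TraceLayer` has handled them. With the `TraceLayer::new_for_http()` defaults no headers are recorded, so nothing leaks today, but turning on `include_headers(true)` later would presumably expose `Set-Cookie` values. Splitting the layer into `SetSensitiveRequestHeadersLayer` (added last) and `SetSensitiveResponseHeadersLayer` (added before `TraceLayer`) covers both directions. A short comment that the flag only redacts the `Debug` output of a header value, not code that reads it with `to_str()`, would also help. The enclosing `compose_kittybox` starts above this hunk, so the rest of the layer stack is not visible here.

```rust
        // … unchanged: routes and nest() calls …
        // Innermost: mark response headers before TraceLayer observes the response.
        .layer(tower_http::sensitive_headers::SetSensitiveResponseHeadersLayer::new([
            axum::http::header::SET_COOKIE,
        ]))
        .layer(tower_http::trace::TraceLayer::new_for_http())
        // … unchanged: CatchPanicLayer …
        // Outermost: mark request headers before TraceLayer observes the request.
        // The sensitive flag only redacts Debug output of the value.
        .layer(tower_http::sensitive_headers::SetSensitiveRequestHeadersLayer::new([
            axum::http::header::AUTHORIZATION,
            // Not used yet, but will be eventually
            axum::http::header::COOKIE,
        ]));
```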