Is it possible to override logbook.obfuscate.headers

[boulardmaxime]

Hi everyone,

I agree it's not the politics to allow authorization header, but is there a way to byPass this filter?

I've overrided this logbook.obfuscate.headers but doesn't work, and got no more ideas tho.

Notes : logbook-spring-boot-starter is used

Regards.

[whiskeysierra]

I've overrided this logbook.obfuscate.headers but doesn't work, and got no more ideas tho.

Can you show what you tried? An empty map doesn't work, you need to specify at least one header that you want to obfuscate.

[boulardmaxime]

Nothing special, I used the Logbook.builder() without any "headerFilter".
Perhaps this way includes the default logbook configurations and cannot be overrided.

In the application.properties I tried with an empty array (which doesn't apparently) and with

• logbook.obfuscate.headers=[referer] (just to try)

Unfortunately, while debugging my Sink implementation, the HttpRequest logbook object still have the referer and the authorization is obfuscated

[Neko-Tyan]

For anyone still interested, this can be done with the help of Logbook bean created as follows:

Logbook logbook() {
        return Logbook.builder()
                ...   
                .headerFilter(HeaderFilter.none())
                .build();
    }