
core: redact sensitive headers in the fetch log #1561

Description

@cliffhall

Summary

Redact sensitive header values in the fetch tracker before any request/response is recorded: Authorization, Cookie, Set-Cookie, Proxy-Authorization, X-Api-Key, and x-mcp-remote-auth are replaced with a [REDACTED] marker.

Why

createFetchTracker entries flow to the in-memory list (visible in the UI), the pino logger, and persisted session storage. None of those sinks should ever see live bearer tokens or session cookies — especially once OAuth tokens ride these requests.

Reference implementation (PR #1510)

Re-implement informed by these changes at 33fac3f:

Depends on

Nothing — Wave 1 foundation, parallel-safe.

Notes

  • Redact case-insensitively; apply before the entry reaches any sink (logger, in-memory, persistence).
  • Coverage gate ≥90 on all four dimensions.

Part of the PR #1510 decomposition (see tracking issue).
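One way to implement the redaction described above, as an added example that is not the project's own code and not taken from PR #1510: header names are matched case-insensitively against the list in the issue, the sanitized copy is built before fan-out so the in-memory list, the pino logger and session persistence all see the same redacted entry, and the caller's headers are never mutated because the live request still needs the real values. The entry shape, the `Sink` type and the `createFetchTracker` signature are assumptions for illustration.

```typescript
// Added example (not the project's own code): redact sensitive header values
// before a fetch-tracker entry reaches any sink. The entry shape and the
// createFetchTracker signature below are assumptions for illustration.

export const REDACTED = "[REDACTED]";

// Header names listed in the issue, stored lower-cased so the lookup is
// case-insensitive: "Authorization", "AUTHORIZATION" and "authorization"
// all match.
const SENSITIVE_HEADERS: ReadonlySet<string> = new Set([
  "authorization",
  "cookie",
  "set-cookie",
  "proxy-authorization",
  "x-api-key",
  "x-mcp-remote-auth",
]);

export function isSensitiveHeader(name: string): boolean {
  return SENSITIVE_HEADERS.has(name.trim().toLowerCase());
}

// Shapes fetch code commonly hands a tracker: a plain record, [name, value]
// pairs, or a Headers-like object exposing forEach(value, name).
export interface HeadersLike {
  forEach(cb: (value: string, name: string) => void): void;
}
export type HeaderInput = Record<string, string> | Array<[string, string]> | HeadersLike;

// Returns a fresh plain object; the input is never mutated.
export function redactHeaders(headers: HeaderInput | undefined): Record<string, string> {
  const out: Record<string, string> = {};
  if (!headers) return out;
  const put = (name: string, value: string): void => {
    out[name] = isSensitiveHeader(name) ? REDACTED : value;
  };
  if (Array.isArray(headers)) {
    for (const [name, value] of headers) put(name, value);
  } else if (typeof (headers as HeadersLike).forEach === "function") {
    // Headers instances (and anything duck-typed like them). A plain record
    // whose "forEach" key holds a string value falls through to the else branch.
    (headers as HeadersLike).forEach((value, name) => put(name, value));
  } else {
    for (const [name, value] of Object.entries(headers as Record<string, string>)) put(name, value);
  }
  return out;
}

// Hypothetical tracker entry: one record per request, optionally with its response.
export interface FetchLogEntry {
  id: string;
  request: { url: string; method: string; headers?: HeaderInput };
  response?: { status: number; headers?: HeaderInput };
}

export interface RedactedFetchLogEntry {
  id: string;
  request: { url: string; method: string; headers: Record<string, string> };
  response?: { status: number; headers: Record<string, string> };
}

export function redactEntry(entry: FetchLogEntry): RedactedFetchLogEntry {
  const safe: RedactedFetchLogEntry = {
    id: entry.id,
    request: {
      url: entry.request.url,
      method: entry.request.method,
      headers: redactHeaders(entry.request.headers),
    },
  };
  if (entry.response) {
    safe.response = {
      status: entry.response.status,
      headers: redactHeaders(entry.response.headers),
    };
  }
  return safe;
}

// A sink is anything that records entries: the in-memory list, a pino logger,
// or session persistence. Redaction happens exactly once, before fan-out, so
// no sink can observe a live token or cookie.
export type Sink = (entry: RedactedFetchLogEntry) => void;

export function createFetchTracker(sinks: Sink[]) {
  return {
    record(entry: FetchLogEntry): RedactedFetchLogEntry {
      const safe = redactEntry(entry);
      for (const sink of sinks) sink(safe);
      return safe;
    },
  };
}
```

Because the redaction runs inside `record()` rather than in each sink, adding a new sink later (a file exporter, a debug panel) cannot reintroduce the leak; the check worth keeping in the test suite is that a `Set-Cookie` or `Authorization` value supplied in any casing never appears in what a sink receives.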

Labels: v2 (Issues and PRs for v2)