Summary
Redact sensitive header values in the fetch tracker before any request/response is recorded: Authorization, Cookie, Set-Cookie, Proxy-Authorization, X-Api-Key, and x-mcp-remote-auth are replaced with a [REDACTED] marker.
Why
createFetchTracker entries flow to the in-memory list (visible in the UI), the pino logger, and persisted session storage. None of those sinks should ever see live bearer tokens or session cookies — especially once OAuth tokens ride these requests.
Reference implementation (PR #1510)
Re-implement informed by these changes at 33fac3f:
- SENSITIVE_HEADERS set, REDACTED_HEADER_VALUE, and redactSensitiveHeaders() applied to both request and response headers before recording (+48/−7)
Depends on
Nothing — Wave 1 foundation, parallel-safe.
Notes
- Redact case-insensitively; apply before the entry reaches any sink (logger, in-memory, persistence).
- Coverage gate ≥90 on all four dimensions.
Part of the PR #1510 decomposition (see tracking issue).
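An added TypeScript example of the redaction described above (not the project's own code; the function signatures and the FetchTrackerEntry shape are assumptions made for illustration): the header set and marker named in this issue, a case-insensitive redaction that accepts either a plain header record or a fetch Headers object, and a single recording choke point so every sink only ever sees the sanitized entry.

```typescript
// Added example, not the project's code: redaction applied before a fetch-
// tracker entry reaches any sink. Names follow the issue; shapes are assumed.
const SENSITIVE_HEADERS: ReadonlySet<string> = new Set([
  "authorization", "cookie", "set-cookie",
  "proxy-authorization", "x-api-key", "x-mcp-remote-auth",
]);
const REDACTED_HEADER_VALUE = "[REDACTED]";

type HeaderMap = Record<string, string>;

// Case-insensitive match on the name; the name is kept, only the value is
// replaced. Accepts a plain record or a fetch Headers object (detected by
// its forEach, so no global Headers is needed at runtime).
function redactSensitiveHeaders(headers: HeaderMap | Headers): HeaderMap {
  const out: HeaderMap = {};
  const visit = (name: string, value: string): void => {
    out[name] = SENSITIVE_HEADERS.has(name.toLowerCase()) ? REDACTED_HEADER_VALUE : value;
  };
  if (typeof (headers as Headers).forEach === "function") {
    (headers as Headers).forEach((value, name) => visit(name, value));
  } else {
    for (const [name, value] of Object.entries(headers as HeaderMap)) visit(name, value);
  }
  return out;
}

interface FetchTrackerEntry {
  url: string;
  requestHeaders: HeaderMap;
  responseHeaders: HeaderMap;
}

// Single choke point: the entry is redacted once, here, before it is handed to
// any sink (in-memory list, logger, persistence). Sinks are stand-ins.
function recordFetch(
  sinks: Array<(entry: FetchTrackerEntry) => void>,
  url: string,
  requestHeaders: HeaderMap | Headers,
  responseHeaders: HeaderMap | Headers,
): FetchTrackerEntry {
  const entry: FetchTrackerEntry = {
    url,
    requestHeaders: redactSensitiveHeaders(requestHeaders),
    responseHeaders: redactSensitiveHeaders(responseHeaders),
  };
  for (const sink of sinks) sink(entry);
  return entry;
}
```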