WIP - Redact specific url query string values and url credentials in instrumentations #3508
+137
−32
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…t in instrumentations
hectorhdzg
reviewed
May 16, 2025
util/opentelemetry-util-http/src/opentelemetry/util/http/__init__.py
Outdated
Show resolved
Hide resolved
|
Please update the changelog to include these changes |
…m/rads-1996/opentelemetry-python-contrib into rads-1996/redact-sensitive-params
…m/rads-1996/opentelemetry-python-contrib into rads-1996/redact-sensitive-params
rads-1996
changed the title
xrmx
reviewed
May 21, 2025
| @@ -232,7 +233,8 @@ def get_or_create_headers(): | |||
| method = request.method | |||
| span_name = get_default_span_name(method) | |||
|
|
|||
| url = remove_url_credentials(request.url) | |||
| url = redact_query_parameters(remove_url_credentials(request.url)) | |||
There was a problem hiding this comment.
What do you think on creating a redact_url function that calls both instead?
There was a problem hiding this comment.
Yes, that does make sense. I will make changes for it.
| parsed.fragment, | ||
| ) | ||
| ) | ||
| except ValueError: # an unparsable url was passed |
There was a problem hiding this comment.
If this is just for urlparse, maybe do an early return instead so we save one indentation level?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This pull request provides an implementation for issue #2992 which points to a specification which states that specific URL query string values should now be redacted by default. This PR also aligns with the semantic conventions for HTTP spans which states that sensitive content provided in url.full SHOULD be scrubbed when instrumentations can identify it, in such case username and password SHOULD be redacted (https://github.com/open-telemetry/semantic-conventions/blob/main/docs/http/http-spans.md).
The existing method
remove_url_credentials(PR: #538), which previously removed theusername:passwordportion from a URL if present, has been updated to replace the credentials with the string REDACTED.The new method
redact_query_parametersremoves the values of query string parameters for the following keys by default:Note: This is not an exhaustive list and is subject to change over time.
These methods have been absorbed in the following instrumentations - httpx, requests, urllib, urllib3, aiohttp, tornado, asgi, wsgi.
Type of change
Please delete options that are not relevant.
How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
remove_url_credentialsandredact_query_parametersmethods.Does This PR Require a Core Repo Change?
Checklist:
See contributing.md for styleguide, changelog guidelines, and more.