Skip to main content

redact_request_body

Function redact_request_body 

Source
pub fn redact_request_body<T>(result: Result<T>) -> Result<T>
Expand description

Strips the captured HTTP request body from every layer of an error chain.

Cloud “create” requests carry secrets in the request body (e.g. a DB master password). On a non-2xx response the transport records that body in ErrorData::HttpResponseError, in both the typed payload and the context JSON snapshot. A non-internal .context(...) wrapper does not sanitize its source, and the source chain is serialized verbatim into durable state and status responses — so the body could leak.

This scrubs both representations across the head and full source chain, keeping status, response text, URL, and chain intact. Response text is kept deliberately: RDS / Cloud SQL / Flexible Server error bodies don’t echo the submitted password back, so it stays as a diagnostic — a future caller wiring this to an API that does reflect request fields in its error responses would need to scrub that too. Order-independent: works whether the HTTP error is still the head (AWS: redaction before mapping) or already wrapped into the source (GCP/Azure: transport maps first). Apply to the raw transport result of any request whose body contains a secret.