Module tower_http::sensitive_headers

Available on crate feature sensitive-headers only.

Middlewares that mark headers as sensitive.

Example

use tower_http::sensitive_headers::SetSensitiveHeadersLayer;
use tower::{Service, ServiceExt, ServiceBuilder, service_fn};
use http::{Request, Response, header::AUTHORIZATION};
use http_body_util::Full;
use bytes::Bytes;
use std::{iter::once, convert::Infallible};

async fn handle(req: Request<Full<Bytes>>) -> Result<Response<Full<Bytes>>, Infallible> {
    // ...
}

let mut service = ServiceBuilder::new()
    // Mark the `Authorization` header as sensitive so it doesn't show in logs
    //
    // `SetSensitiveHeadersLayer` will mark the header as sensitive on both the
    // request and response.
    //
    // The middleware is constructed from an iterator of headers to easily mark
    // multiple headers at once.
    .layer(SetSensitiveHeadersLayer::new(once(AUTHORIZATION)))
    .service(service_fn(handle));

// Call the service.
let response = service
    .ready()
    .await?
    .call(Request::new(Full::default()))
    .await?;

Its important to think about the order in which requests and responses arrive at your middleware. For example to hide headers both on requests and responses when using TraceLayer you have to apply SetSensitiveRequestHeadersLayer before TraceLayer and SetSensitiveResponseHeadersLayer afterwards.

use tower_http::{
    trace::TraceLayer,
    sensitive_headers::{
        SetSensitiveRequestHeadersLayer,
        SetSensitiveResponseHeadersLayer,
    },
};
use tower::{Service, ServiceExt, ServiceBuilder, service_fn};
use http::header;
use std::sync::Arc;

let headers: Arc<[_]> = Arc::new([
    header::AUTHORIZATION,
    header::PROXY_AUTHORIZATION,
    header::COOKIE,
    header::SET_COOKIE,
]);

let service = ServiceBuilder::new()
    .layer(SetSensitiveRequestHeadersLayer::from_shared(Arc::clone(&headers)))
    .layer(TraceLayer::new_for_http())
    .layer(SetSensitiveResponseHeadersLayer::from_shared(headers))
    .service_fn(handle);

Structs

• SetSensitiveHeadersLayer
  Mark headers as sensitive on both requests and responses.
• SetSensitiveRequestHeaders
  Mark request headers as sensitive.
• SetSensitiveRequestHeadersLayer
  Mark request headers as sensitive.
• SetSensitiveResponseHeaders
  Mark response headers as sensitive.
• SetSensitiveResponseHeadersLayer
  Mark response headers as sensitive.
• SetSensitiveResponseHeadersResponseFuture
  Response future for SetSensitiveResponseHeaders.

Type Aliases

• SetSensitiveHeaders
  Mark headers as sensitive on both requests and responses.