qubit_http/constants.rs
1/*******************************************************************************
2 *
3 * Copyright (c) 2025 - 2026.
4 * Haixing Hu, Qubit Co. Ltd.
5 *
6 * All rights reserved.
7 *
8 ******************************************************************************/
9//! Crate-wide defaults and fixed tuning values for HTTP client behavior and logging.
10
11// ---------------------------------------------------------------------------
12// Sensitive headers (log masking)
13// ---------------------------------------------------------------------------
14
15/// Built-in header names preloaded into [`crate::SensitiveHeaders::default`] for log masking.
16pub const DEFAULT_SENSITIVE_HEADER_NAMES: [&str; 20] = [
17 "Authorization",
18 "Api-Key",
19 "X-Api-Key",
20 "Bearer",
21 "Cookie",
22 "Set-Cookie",
23 "Secret-Key",
24 "Client-Secret",
25 "Access-Token",
26 "Refresh-Token",
27 "Private-Token",
28 "Session-Token",
29 "JWT-Token",
30 "Password",
31 "X-Auth-Password",
32 "X-Client-ID",
33 "X-Client-Secret",
34 "X-Auth-Token",
35 "X-Auth-App-Token",
36 "X-Auth-User-Token",
37];
38
39// ---------------------------------------------------------------------------
40// Timeouts ([`crate::TimeoutOptions::default`])
41// ---------------------------------------------------------------------------
42
43/// Default connect timeout in seconds.
44pub const DEFAULT_CONNECT_TIMEOUT_SECS: u64 = 10;
45
46/// Default read timeout in seconds.
47pub const DEFAULT_READ_TIMEOUT_SECS: u64 = 120;
48
49/// Default write timeout in seconds.
50pub const DEFAULT_WRITE_TIMEOUT_SECS: u64 = 120;
51
52// ---------------------------------------------------------------------------
53// Logging ([`crate::HttpLoggingOptions::default`])
54// ---------------------------------------------------------------------------
55
56/// Default maximum body bytes included in TRACE log previews.
57pub const DEFAULT_LOG_BODY_SIZE_LIMIT_BYTES: usize = 16 * 1024;
58
59// ---------------------------------------------------------------------------
60// SSE decode safety limits
61// ---------------------------------------------------------------------------
62
63/// Default maximum bytes allowed for a single SSE line before raising a protocol error.
64pub const DEFAULT_SSE_MAX_LINE_BYTES: usize = 64 * 1024;
65
66/// Default maximum bytes allowed for one SSE frame (between blank lines) before raising a protocol error.
67pub const DEFAULT_SSE_MAX_FRAME_BYTES: usize = 1024 * 1024;
68
69// ---------------------------------------------------------------------------
70// Sensitive header value masking rules used by [`crate::HttpLogger`]
71// ---------------------------------------------------------------------------
72
73/// Values with at most this many characters are fully replaced by [`SENSITIVE_HEADER_MASK_PLACEHOLDER`].
74pub const SENSITIVE_HEADER_MASK_SHORT_LEN: usize = 4;
75
76/// How many characters to keep visible at the start and end when masking longer values.
77pub const SENSITIVE_HEADER_MASK_EDGE_CHARS: usize = 2;
78
79/// Replacement string for fully masked or middle segments of sensitive header values.
80pub const SENSITIVE_HEADER_MASK_PLACEHOLDER: &str = "****";