qubit_http/constants.rs
1/*******************************************************************************
2 *
3 * Copyright (c) 2025 - 2026 Haixing Hu.
4 *
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0.
8 *
9 ******************************************************************************/
10//! Crate-wide defaults and fixed tuning values for HTTP client behavior and logging.
11
12// ---------------------------------------------------------------------------
13// Sensitive headers (log masking)
14// ---------------------------------------------------------------------------
15
16/// Built-in header names preloaded into [`crate::SensitiveHttpHeaders::default`]
17/// for log masking.
18pub const DEFAULT_SENSITIVE_HEADER_NAMES: [&str; 21] = [
19 "Authorization",
20 "Proxy-Authorization",
21 "Api-Key",
22 "X-Api-Key",
23 "Bearer",
24 "Cookie",
25 "Set-Cookie",
26 "Secret-Key",
27 "Client-Secret",
28 "Access-Token",
29 "Refresh-Token",
30 "Private-Token",
31 "Session-Token",
32 "JWT-Token",
33 "Password",
34 "X-Auth-Password",
35 "X-Client-ID",
36 "X-Client-Secret",
37 "X-Auth-Token",
38 "X-Auth-App-Token",
39 "X-Auth-User-Token",
40];
41
42// ---------------------------------------------------------------------------
43// Timeouts ([`crate::HttpTimeoutOptions::default`])
44// ---------------------------------------------------------------------------
45
46/// Default connect timeout in seconds.
47pub const DEFAULT_CONNECT_TIMEOUT_SECS: u64 = 10;
48
49/// Default read timeout in seconds.
50pub const DEFAULT_READ_TIMEOUT_SECS: u64 = 120;
51
52/// Default write timeout in seconds.
53pub const DEFAULT_WRITE_TIMEOUT_SECS: u64 = 120;
54
55// ---------------------------------------------------------------------------
56// Logging ([`crate::HttpLoggingOptions::default`])
57// ---------------------------------------------------------------------------
58
59/// Default maximum body bytes included in TRACE log previews.
60pub const DEFAULT_LOG_BODY_SIZE_LIMIT_BYTES: usize = 16 * 1024;
61
62/// Default maximum bytes included in non-success response body previews on [`crate::HttpError`].
63pub const DEFAULT_ERROR_RESPONSE_PREVIEW_LIMIT_BYTES: usize = 16 * 1024;
64
65// ---------------------------------------------------------------------------
66// SSE decode safety limits
67// ---------------------------------------------------------------------------
68
69/// Default maximum bytes allowed for a single SSE line before raising a protocol error.
70pub const DEFAULT_SSE_MAX_LINE_BYTES: usize = 64 * 1024;
71
72/// Default maximum bytes allowed for one SSE frame (between blank lines) before raising a protocol error.
73pub const DEFAULT_SSE_MAX_FRAME_BYTES: usize = 1024 * 1024;
74
75// ---------------------------------------------------------------------------
76// Sensitive header value masking rules used by [`crate::HttpLogger`]
77// ---------------------------------------------------------------------------
78
79/// Values with at most this many characters are fully replaced by [`SENSITIVE_HEADER_MASK_PLACEHOLDER`].
80pub const SENSITIVE_HEADER_MASK_SHORT_LEN: usize = 4;
81
82/// How many characters to keep visible at the start and end when masking longer values.
83pub const SENSITIVE_HEADER_MASK_EDGE_CHARS: usize = 2;
84
85/// Replacement string for fully masked or middle segments of sensitive header values.
86pub const SENSITIVE_HEADER_MASK_PLACEHOLDER: &str = "****";