(doris) branch master updated: [enhance](auth)Hidden the token info during StreamLoad in BE info (#60656)

Wed, 11 Feb 2026 08:27:38 -0800 

This is an automated email from the ASF dual-hosted git repository.

dataroaring pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git


The following commit(s) were added to refs/heads/master by this push:
     new a013e7e0595 [enhance](auth)Hidden the token info during StreamLoad in 
BE info (#60656)
a013e7e0595 is described below

commit a013e7e05954785573f5f0b3754074aef97e5c2a
Author: Refrain <[email protected]>
AuthorDate: Thu Feb 12 00:26:40 2026 +0800

    [enhance](auth)Hidden the token info during StreamLoad in BE info (#60656)
---
 be/src/http/http_request.cpp | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/be/src/http/http_request.cpp b/be/src/http/http_request.cpp
index d077b9a543d..7478e0d1f41 100644
--- a/be/src/http/http_request.cpp
+++ b/be/src/http/http_request.cpp
@@ -37,6 +37,13 @@ namespace doris {
 
 static std::string s_empty = "";
 
+// Helper function to check if a header should be masked in logs
+static bool is_sensitive_header(const std::string& header_name) {
+    return iequal(header_name, HttpHeaders::AUTHORIZATION) ||
+           iequal(header_name, HttpHeaders::PROXY_AUTHORIZATION) || 
iequal(header_name, "token") ||
+           iequal(header_name, HttpHeaders::AUTH_TOKEN);
+}
+
 HttpRequest::HttpRequest(evhttp_request* evhttp_request) : 
_ev_req(evhttp_request) {}
 
 HttpRequest::~HttpRequest() {
@@ -88,8 +95,7 @@ std::string HttpRequest::debug_string() const {
        << "raw_path:" << _raw_path << "\n"
        << "headers: \n";
     for (auto& iter : _headers) {
-        if (iequal(iter.first, HttpHeaders::AUTHORIZATION) ||
-            iequal(iter.first, HttpHeaders::PROXY_AUTHORIZATION)) {
+        if (is_sensitive_header(iter.first)) {
             ss << "key=" << iter.first << ", value=***MASKED***\n";
         } else {
             ss << "key=" << iter.first << ", value=" << iter.second << "\n";
@@ -123,8 +129,7 @@ std::string HttpRequest::get_all_headers() const {
     std::stringstream headers;
     for (const auto& header : _headers) {
         // Mask sensitive headers
-        if (iequal(header.first, HttpHeaders::AUTHORIZATION) ||
-            iequal(header.first, HttpHeaders::PROXY_AUTHORIZATION)) {
+        if (is_sensitive_header(header.first)) {
             headers << header.first << ":***MASKED***, ";
         } else {
             headers << header.first << ":" << header.second + ", ";


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to