~vikanezrimaya/kittybox

6c280c3d6760621f8b50e56cf477f9286d35ffce — Vika 8 months ago 8fd75d6
Mask sensitive headers
2 files changed, 8 insertions(+), 2 deletions(-)

M Cargo.toml
M src/main.rs
M Cargo.toml => Cargo.toml +1 -1
@@ 96,7 96,7 @@ tracing = { version = "0.1.34", features = [] }
tracing-tree = "0.2.1"
tracing-log = "0.1.3"
tracing-subscriber = { version = "0.3.11", features = ["env-filter", "json"] }
tower-http = { version = "0.3.3", features = ["trace", "cors", "catch-panic"] }
tower-http = { version = "0.3.3", features = ["trace", "cors", "catch-panic", "sensitive-headers"] }
tower = { version = "0.4.12", features = ["tracing"] }
webauthn = { version = "0.4.5", package = "webauthn-rs", features = ["danger-allow-state-serialisation"], optional = true }
[dependencies.tokio]

M src/main.rs => src/main.rs +7 -1
@@ 229,7 229,13 @@ async fn compose_kittybox(
        .route("/.kittybox/coffee", teapot_route())
        .nest("/.kittybox/micropub/client", kittybox::companion::router())
        .layer(tower_http::trace::TraceLayer::new_for_http())
        .layer(tower_http::catch_panic::CatchPanicLayer::new());
        .layer(tower_http::catch_panic::CatchPanicLayer::new())
        .layer(tower_http::sensitive_headers::SetSensitiveHeadersLayer::new([
            axum::http::header::AUTHORIZATION,
            // Not used yet, but will be eventually
            axum::http::header::COOKIE,
            axum::http::header::SET_COOKIE,
        ]));

    (router, task)
}