projects / websub-hub / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
keep sensitive credentials out of logs
[websub-hub] / src / service.js
diff --git a/src/service.js b/src/service.js
index 1d9b8a0922af1b8699e7232fd078b5f244a66f8e..a0043f7d24caa49a71c85341dc4fadca6ea563d2 100644 (file)
--- a/src/service.js
+++ b/src/service.js
@@ -181,8 +181,9 @@ class Service extends Dingus {
 
 
   /**
-   * Same as super.ingestBody, but if no body was sent, do not parse (and
+   * Similar to super.ingestBody, but if no body was sent, do not parse (and
    * thus avoid possible unsupported media type error).
+   * Also removes raw body from context, to simplify scrubbing sensitive data from logs.
    * @param {http.ClientRequest} req
    * @param {http.ServerResponse} res
    * @param {Object} ctx
@@ -192,6 +193,7 @@ class Service extends Dingus {
     const contentType = Dingus.getRequestContentType(req);
     if (ctx.rawBody) {
       this.parseBody(contentType, ctx);
+      delete ctx.rawBody;
     }
   }
 
WebSub Hub server