accesslog

package
v1.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 4, 2026 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package accesslog provides a gin access-log formatter that scrubs secrets embedded in request URL paths before they are written to logs.

Motivation: the incoming-webhook push route is /v1/incoming-webhooks/ {webhook_id}/{token} — a Discord-style URL with a PLAINTEXT bearer token in the path (#246). It is also reachable via the shorter /v1/webhooks/ alias (#455). gin's default access logger writes the full request path, which would persist live tokens into access logs. Formatter mirrors gin's default line format exactly but masks the token segment for BOTH prefixes.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Formatter

func Formatter(param gin.LogFormatterParams) string

Formatter is a gin.LogFormatter that reproduces gin's default access-log line byte-for-byte except the request path is run through ScrubPath. Wire it via gin.LoggerWithFormatter(accesslog.Formatter).

func NewErrorWriter

func NewErrorWriter(w io.Writer) io.Writer

NewErrorWriter wraps w so that incoming-webhook tokens are masked before they reach it. Assign it to gin.DefaultErrorWriter BEFORE the recovery middleware is registered (gin.Recovery captures DefaultErrorWriter at registration time).

func ScrubPath

func ScrubPath(path string) string

ScrubPath masks secrets embedded in a request path before it is logged.

It targets the incoming-webhook push routes /v1/incoming-webhooks/{webhook_id}/{token} and the /v1/webhooks/... alias: the trailing {token} segment (and anything after it, e.g. a stray query string) is replaced with "***". The non-secret {webhook_id} is preserved so logs remain useful for correlation. Any path without a push prefix, or with no token segment, is returned unchanged.

The prefix match is case-INSENSITIVE: gin logs c.Request.URL.Path verbatim for every request including 404s (the access logger runs after c.Next() regardless of route match), so a request to /V1/INCOMING-WEBHOOKS/... that 404s on the case-sensitive router would otherwise still log the token unmasked. Scrubbing is the security control here, so it must survive path-casing variants. Original casing of the prefix/webhook_id is preserved in the output; only the token segment is replaced.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL