Which REST Consume traces are redacted (omitted)?

0
Hi. I noticed that in "REST Consume" "Request content" TRACE the Authorization header is replaced with the word (omitted). That's good. Now I want it to automatically omit the Access token I receive in the response. Is this possible?
asked
1 answers
1

No, this is not possible because the model would need to know what part of a response might contain this information. It could be anything.

And do note that an attacker would need to be able to set the log level to trace and capture the logs. In that case the attacker is already in and can do a lot more damage.

Regards,

Ronald

 

answered