Merge pull request #12542 from thalesmg/fix-http-bridge-logging-r55-20240220

fix(http_bridge): redact headers

apps/emqx_bridge_http/src/emqx_bridge_http.app.src

@@ -1,6 +1,6 @@
 {application, emqx_bridge_http, [
     {description, "EMQX HTTP Bridge and Connector Application"},
-    {vsn, "0.2.2"},
+    {vsn, "0.2.3"},
     {registered, []},
     {applications, [kernel, stdlib, emqx_resource, ehttpc]},
     {env, [{emqx_action_info_modules, [emqx_bridge_http_action_info]}]},

apps/emqx_bridge_http/src/emqx_bridge_http_connector.erl

@@ -876,9 +876,9 @@ redact(Data) ->
 %% and we also can't know the body format and where the sensitive data will be
 %% so the easy way to keep data security is redacted the whole body
 redact_request({Path, Headers}) ->
-    {Path, Headers};
+    {Path, redact(Headers)};
 redact_request({Path, Headers, _Body}) ->
-    {Path, Headers, <<"******">>}.
+    {Path, redact(Headers), <<"******">>}.
 
 clientid(Msg) -> maps:get(clientid, Msg, undefined).
 

changes/ce/fix-12542.en.md

@@ -0,0 +1 @@
+Redacted authorization headers from debug logs from HTTP bridge.