Security: redact query strings + WS payloads from logs#206

Open

its-DeFine wants to merge 1 commit intocloudflare:mainfrom

its-DeFine:codex/redact-secrets-in-logs-20260208

its-DeFine commented Feb 8, 2026

Redacts sensitive data from worker logs:

Never log URL query strings (often contain ?token=... / ?secret=...)
Stop logging WebSocket message payloads (may contain auth + user content)
CDP route: avoid logging request params

Motivation: prevent accidental credential leakage via logs.


          security: redact query strings and WS payloads from logs

ac83ce1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet