External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-10 15:32:05 -03:30
Code Issues Packages Projects Releases Wiki Activity

[Docs] Warn users about printing headers in HTTP access logs (#44353) (#44359)

Browse Source 
Closes #43156


(cherry picked from commit a71ceee8f138cefb86fc16794eb47562da97fba6)

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
This commit is contained in:
Martin Bartoš 2025-11-26 11:24:34 +01:00 committed by GitHub
parent 978c05adec
commit 4302296037
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/guides/server/logging.adoc
View File

@ -283,6 +283,9 @@ You can even specify your own pattern with your required data to be logged, such
<@kc.start parameters="--http-access-log-pattern='%A %{METHOD} %{REQUEST_URL} %{i,User-Agent}'"/>
WARNING: HTTP Access logs may contain sensitive HTTP headers like `Authorization`, `Cookie`, or external API keys references.
Be careful with using the `long` pattern or printing the headers by the custom format - you should use it only for development purposes.
Consult the https://quarkus.io/guides/http-reference#configuring-http-access-logs[Quarkus documentation] for the full list of variables that can be used.
==== Exclude specific URL paths