From 59cc04ec85a00fdfdd835f69e6f51b4d1d80054e Mon Sep 17 00:00:00 2001
From: Nikolay Landzhev <nikolay.landzhev@redis.com>
Date: Fri, 4 Apr 2025 17:22:00 +0300
Subject: [PATCH] RED-140903 Do Not Dump Headers in stderr

When a function aborts we see all headers in the envoy stderr. We
have requested an enahncement https://github.com/envoyproxy/envoy/issues/37793,
but until it is ready we are going to patch the version.
---
 source/common/http/filter_manager.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/source/common/http/filter_manager.h b/source/common/http/filter_manager.h
index 2a2a8b31787ac..f781b3b86c7d1 100644
--- a/source/common/http/filter_manager.h
+++ b/source/common/http/filter_manager.h
@@ -705,7 +705,8 @@ class FilterManager : public ScopeTrackedObject,
        << DUMP_MEMBER(state_.observed_decode_end_stream_)
        << DUMP_MEMBER(state_.observed_encode_end_stream_) << "\n";
 
-    DUMP_DETAILS(filter_manager_callbacks_.requestHeaders());
+    // Disabled to avoid dumping sensitive information (such as AUTHORIZATION header)
+    // DUMP_DETAILS(filter_manager_callbacks_.requestHeaders());
     DUMP_DETAILS(filter_manager_callbacks_.requestTrailers());
     DUMP_DETAILS(filter_manager_callbacks_.responseHeaders());
     DUMP_DETAILS(filter_manager_callbacks_.responseTrailers());