Don't log context or full request URI due to security concerns

These lines may contain information that cannot be safely logged to disk. Only deal with known parameters, also bump to V(2) to be consistent with other logging.
parent 77733c2a
...@@ -308,12 +308,6 @@ func ListResource(r rest.Lister, rw rest.Watcher, scope RequestScope, forceWatch ...@@ -308,12 +308,6 @@ func ListResource(r rest.Lister, rw rest.Watcher, scope RequestScope, forceWatch
} }
if (opts.Watch || forceWatch) && rw != nil { if (opts.Watch || forceWatch) && rw != nil {
glog.Infof("Started to log from %v for %v", ctx, req.Request.URL.RequestURI())
watcher, err := rw.Watch(ctx, &opts)
if err != nil {
scope.err(err, res.ResponseWriter, req.Request)
return
}
// TODO: Currently we explicitly ignore ?timeout= and use only ?timeoutSeconds=. // TODO: Currently we explicitly ignore ?timeout= and use only ?timeoutSeconds=.
timeout := time.Duration(0) timeout := time.Duration(0)
if opts.TimeoutSeconds != nil { if opts.TimeoutSeconds != nil {
...@@ -322,6 +316,13 @@ func ListResource(r rest.Lister, rw rest.Watcher, scope RequestScope, forceWatch ...@@ -322,6 +316,13 @@ func ListResource(r rest.Lister, rw rest.Watcher, scope RequestScope, forceWatch
if timeout == 0 && minRequestTimeout > 0 { if timeout == 0 && minRequestTimeout > 0 {
timeout = time.Duration(float64(minRequestTimeout) * (rand.Float64() + 1.0)) timeout = time.Duration(float64(minRequestTimeout) * (rand.Float64() + 1.0))
} }
glog.V(2).Infof("Starting watch for %s, rv=%s labels=%s fields=%s timeout=%s", req.Request.URL.Path, opts.ResourceVersion, opts.LabelSelector, opts.FieldSelector, timeout)
watcher, err := rw.Watch(ctx, &opts)
if err != nil {
scope.err(err, res.ResponseWriter, req.Request)
return
}
serveWatch(watcher, scope, req, res, timeout) serveWatch(watcher, scope, req, res, timeout)
return return
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment