Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Stop leaking sensitive header values in error messages
The protection against invalid header values should not leak their content in the error message. Exceptions are commonly logged, sent to third-party error monitoring systems, or published in internal communication/messenger systems. A range of HTTP headers, like `Authorization`, `Api-Key`, or similar, contain sensitive information which should not be sent to such public destinations.
- Loading branch information