Skip to content

Remove reliance on text/transform for trace masking

Arran Walker requested to merge ajwalker/new-masking into main

What does this MR do?

Adds new masking solutions.

Previously, the text/transform chains offered a level of buffering that hid the performance penalty of small writes. These buffers are now gone, so this MR also introduces (in a separate commit) a buffered writer.

Why was this MR needed?

Previous masking and URL sanitizing solution relied on text/transform chains. This had several problems:

  • A buffer was required for each phrase to be masked.
  • Only supported masking up to 4 KiB and would "leak" the tail of the secret.
  • Relied on \r and \n not being part of the secret.

What's the best way to test this MR?

We've had an unfortunate history of solving the masking problem, but each time, we've added test cases to cover the problems when fixed.

These tests have been improved and more added and the new solutions pass them all.

Tests that were previously checking the specific "leaking" of the tail of a secret (which is effectively a flaw in the design) have been removed.

What are the relevant issue numbers?

#28128 (closed)

Edited by Arran Walker

Merge request reports