[Breaking Change]: HttpTelemetry Redacts Query Strings by Default
Description:
In .NET 9, the default behavior of HttpTelemetry (EventSource "System.Net.Http") has been modified to redact query strings. This change is aimed at enhancing security by preventing the logging of potentially sensitive information contained in query strings. The same opt-out mechanism used for distributed tracing (Activity) and HttpClientFactory logging is applied here. For scenarios where logging query strings is necessary and deemed safe, this behavior can be overridden by enabling the System.Net.Http.DisableUriRedaction AppContext switch or by setting the DOTNET_SYSTEM_NET_HTTP_DISABLEURIREDACTION environment variable.
Previous Behavior:
Previously, HttpTelemetry logs included query strings by default, which could inadvertently expose sensitive information.
New Behavior:
With the new change, query strings are redacted from HttpTelemetry logs by default. Developers can enable query string logging global
Anton Firszov antonfirsov
antonfirsov
/ Program.cs
Last active
February 21, 2025 18:00
HttpHandlerDiagnosticListener duplicate event repro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Diagnostics; | |
| using System.Net.Http; | |
| using System.Net; | |
| using System.Threading.Tasks; | |
| using System.Runtime.CompilerServices; | |
| class Program | |
| { |
antonfirsov
/ SocketOptionMappingGenerator.cs
Last active
February 5, 2025 17:36
SocketOptionMappingGenerator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Net.Sockets; | |
| using System.Text; | |
| // Relevant option names and values taken from Windows headers. | |
| (string Name, int Value)[] ipOptions = [ | |
| ("IP_TOS", 3), | |
| ("IP_TTL", 4), | |
| ]; | |
| (string Name, int Value)[] ipv6Options = [ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using SixLabors.ImageSharp; | |
| using SixLabors.ImageSharp.Memory; | |
| using System.Buffers; | |
| using System.Runtime.CompilerServices; | |
| if (!File.Exists("./img.jpg")) | |
| { | |
| using HttpClient client = new HttpClient(); | |
| client.DefaultRequestHeaders.Add("User-Agent", "Markus Moller's super cool bot"); | |
| Console.WriteLine("Downloading image..."); |
antonfirsov
/ HttpClient-Telemetry-Breaking.MD
Created
October 1, 2024 12:49
Telemetry Breaking changes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| **** sending Request1 to example.com **** | |
| Activity.TraceId: a204d84ced611be46da0dba9313ac4dc | |
| Activity.SpanId: d3ffeb48a6f38d34 | |
| Activity.TraceFlags: Recorded | |
| Activity.ParentSpanId: 11607beab559707f | |
| Activity.ActivitySourceName: System.Net.NameResolution | |
| Activity.DisplayName: System.Net.NameResolution.DsnLookup | |
| Activity.Kind: Client | |
| Activity.StartTime: 2024-06-24T21:43:21.5808535Z | |
| Activity.Duration: 00:00:00.0096843 |
antonfirsov
/ EofCounterPerf.MD
Created
October 13, 2023 23:44
antonfirsov
/ StatusCodeBoxingBenchmarks.cs
Created
July 11, 2023 16:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using BenchmarkDotNet.Attributes; | |
| using System.Collections.Frozen; | |
| [MemoryDiagnoser] | |
| public class StatusCodeBoxingBenchmarks | |
| { | |
| [Benchmark] | |
| public object Get1_FrozenDictionary() | |
| { | |
| return GetBoxedStatusCode_FrozenDictionary(200); |
antonfirsov
/ EnrichmentBenchmarks.cs
Last active
July 12, 2023 18:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define METRICS | |
| using System.Diagnostics.Metrics; | |
| using BenchmarkDotNet.Attributes; | |
| using System.Text; | |
| using System.Diagnostics; | |
| using System.Threading.Tasks.Sources; | |
| using System.Net; | |
| #if METRICS |
antonfirsov
/ ProtocolExceptions.MD
Last active
June 9, 2022 16:42
Exposing HTTP/2 and HTTP/3 protocol error details from `SocketsHttpHandler`
This proposal builds on the decisions made in our QUIC Exceptions Design proposal.
- Define a new exception type
ProtocolException, and embed it asHttpRequestException.InnerException - Throw
ProtocolExceptiondirectly fromHttpResponsecontent read streams - In case of HTTP/3, embed
QuicExceptionasProtocolException.InnerException
antonfirsov
/ GCMemoryInfoMinimalRepro.csproj
Last active
July 8, 2021 11:37
GCMemoryInfoMinimalRepro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project Sdk="Microsoft.NET.Sdk"> | |
| <PropertyGroup> | |
| <OutputType>Exe</OutputType> | |
| <TargetFrameworks>net6.0;net5.0;netcoreapp3.1</TargetFrameworks> | |
| </PropertyGroup> | |
| </Project> |
NewerOlder