java-web-servlet-filter icon indicating copy to clipboard operation
java-web-servlet-filter copied to clipboard
verified publisher icon opentracing-contrib

How about adding some control to HttpServletRequestExtractAdapter?

Open elgris opened this issue 8 years ago • 2 comments

Here's the story: HttpServletRequestExtractAdapter extracts all the header values into a map. Just wondering, what would be the best way for it to skip some specific headers. For instance, I don't want to extract Authorization header (otherwise it's propagated to outgoing requests by some implementations of Tracer).

Does it make sense to add some control to HttpServletRequestExtractAdapter? Like, passing a filter function to the constructor.

elgris avatar Oct 12 '17 09:10 elgris

It is pity that you cannot register filter which would remove these headers before tracing kicks in.

What you could do is to write a custom Extractor which would filter out these values and then delegate to the actual implementation (it has to be supported by tracer implementation).

pavolloffay avatar Oct 12 '17 09:10 pavolloffay

This is about the incoming SpanContext correct? The OT API is only: io.opentracing.SpanContext.baggageItems()

so the problem here is that because the Filter/Extractor does not know what the vendor uses to transport them, its just providing all headers as baggage items. This is questionable, but without having access to implementation details its not possible to do otherwise.

And currently because it happens automagically users have no way to blacklist / customize the headers. This is what @elgris is asking for: some way to interact with the filter to limit what baggage items reach the tracer.

CodingFabian avatar Oct 12 '17 09:10 CodingFabian