Paul Caporn

icon company @bbc icon location Manchester, UK icon location I lead the technical architecture team for BBC iPlayer and Sounds

Results 2 issues of Paul Caporn

Use whitelists rather then blacklists for header and query annotations

3 comment

Hi Lev, It is hard to know upfront all possible security related headers (e.g. containing authentication tokens/user info etc) which risks leaking sensitive info into Zipkin traces. My previous implementation...

Play!: Expose application filter to exclude fields in trace

At present all query parameters and headers are added to the trace. This introduces a security risk if some of those fields contain sensitive information e.g. authentication tokens etc. To...