Currently we produce incoming permissions logs as a JSON, which is prepared in a non-reliable way. If particular characters (for example ") will be present in x-service-name header, the result JSON will be invalid.
To consider:
- Fetch serviceName from client certificate SAN URI, instead of a header.
- Change log format to something simpler than JSON, for example "every field in a new line"
- Sanitize JSON strings
More information: #152 (comment)
Currently we produce incoming permissions logs as a JSON, which is prepared in a non-reliable way. If particular characters (for example
") will be present inx-service-nameheader, the result JSON will be invalid.To consider:
More information: #152 (comment)