fix(http-logger): avoid empty Authorization header by default

apisix/plugins/http-logger.lua

@@ -33,7 +33,7 @@ local schema = {
     type = "object",
     properties = {
         uri = core.schema.uri_def,
-        auth_header = {type = "string", default = ""},
+        auth_header = {type = "string"},
         timeout = {type = "integer", minimum = 1, default = 3},
         include_req_body = {type = "boolean", default = false},
         include_resp_body = {type = "boolean", default = false},

docs/en/latest/plugins/http-logger.md

@@ -38,7 +38,7 @@ This will allow the ability to send log data requests as JSON objects to monitor
 | Name                   | Type    | Required | Default       | Valid values         | Description                                                                                                                                                                                                              |
 | ---------------------- | ------- | -------- | ------------- | -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | uri                    | string  | True     |               |                      | URI of the HTTP/HTTPS server.                                                                                                                                                                                            |
-| auth_header            | string  | False    | ""            |                      | Authorization headers if required.                                                                                                                                                                                       |
+| auth_header            | string  | False    |               |                      | Authorization headers if required.                                                                                                                                                                                       |
 | timeout                | integer | False    | 3             | [1,...]              | Time to keep the connection alive for after sending a request.                                                                                                                                                           |
 | name                   | string  | False    | "http logger" |                      | Unique identifier to identify the logger.                                                                                                                                                                                |
 | include_req_body       | boolean | False    | false         | [false, true]        | When set to `true` includes the request body in the log. If the request body is too big to be kept in the memory, it can't be logged due to Nginx's limitations.                                                         |

docs/zh/latest/plugins/http-logger.md

@@ -32,7 +32,7 @@ title: http-logger
 | 名称             | 类型    | 必选项 | 默认值        | 有效值  | 描述                                             |
 | ---------------- | ------- | ------ | ------------- | ------- | ------------------------------------------------ |
 | uri              | string  | 必须   |               |         | `HTTP/HTTPS` 服务器的 URI。                   |
-| auth_header      | string  | 可选   | ""            |         | 授权头部。                                    |
+| auth_header      | string  | 可选   |               |         | 授权头部。                                    |
 | timeout          | integer | 可选   | 3             | [1,...] | 发送请求后保持连接活动的时间。                   |
 | name             | string  | 可选   | "http logger" |         | 标识 logger 的唯一标识符。                     |
 | include_req_body | boolean | 可选   | false         | [false, true] | 是否包括请求 body。false： 表示不包含请求的 body ； true： 表示包含请求的 body 。 |

t/plugin/http-logger2.t

@@ -42,6 +42,13 @@ add_block_preprocessor(sub {
             }
         }
 
+        location /http-logger/Authorization {
+            content_by_lua_block {
+                ngx.log(ngx.WARN, "received Authorization header: [", ngx.var.http_authorization, "]")
+                ngx.say("OK")
+            }
+        }
+
         location /http-logger/center {
             content_by_lua_block {
                 local function str_split(str, reps)
@@ -253,3 +260,52 @@ test-http-logger-response
 request.body:test-http-logger-request
 response.body:test-http-logger-response
 --- wait: 1.5
+
+
+
+=== TEST 8: test default Authorization header sent to the log server
+--- config
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+            local code, body = t('/apisix/admin/routes/1',
+                 ngx.HTTP_PUT,
+                 [[{
+                        "methods": ["POST"],
+                        "plugins": {
+                            "http-logger": {
+                                "uri": "http://127.0.0.1:12001/http-logger/Authorization",
+                                "batch_max_size": 1,
+                                "max_retry_count": 1,
+                                "retry_delay": 2,
+                                "buffer_duration": 2,
+                                "inactive_timeout": 2
+                            }
+                        },
+                        "upstream": {
+                            "nodes": {
+                                "127.0.0.1:12001": 1
+                            },
+                            "type": "roundrobin"
+                        },
+                        "uri": "/http-logger/test"
+                }]])
+
+            if code >= 300 then
+                ngx.status = code
+            end
+            ngx.say(body)
+        }
+    }
+--- response_body
+passed
+
+
+
+=== TEST 9: hit
+--- request
+POST /http-logger/test
+test-http-logger-request
+--- error_log
+received Authorization header: [nil]
+--- wait: 1.5