From 2ff818d53d0c90983efeacd7fee0aadadd666482 Mon Sep 17 00:00:00 2001
From: Arthur Lutz
Date: Thu, 5 Oct 2023 08:57:00 +0200
Subject: [PATCH 1/2] fix(st2common/router): don't log sensitive information
---
 st2common/st2common/router.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/st2common/st2common/router.py b/st2common/st2common/router.py
index ff4a9866f5..1200044fd6 100644
--- a/st2common/st2common/router.py
+++ b/st2common/st2common/router.py
@@ -328,7 +328,12 @@ def __call__(self, req):
 At the time of writing, the only property being utilized by middleware was `x-log-result`. """
- LOG.debug("Received call with WebOb: %s", req)
+ LOG.debug("Received call with WebOb: %s %s", req.method, req.url)
+ # if a more detailed log is required:
+ # loggable_req = req.copy()
+ # loggable_req.headers.pop('Authorization', None)
+ # loggable_req.headers.pop('X-Request-Id', None)
+ # LOG.debug("Received call with WebOb: %s", loggable_req)
 endpoint, path_vars = self.match(req)
 LOG.debug("Parsed endpoint: %s", endpoint)
 LOG.debug("Parsed path_vars: %s", path_vars)
From b4992db5433261a5095fba6d9154807faa5f1d2b Mon Sep 17 00:00:00 2001
From: Arthur Lutz
Date: Thu, 5 Oct 2023 09:00:59 +0200
Subject: [PATCH 2/2] docs(CHANGELOG): add fix debug logging
---
 CHANGELOG.rst | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 59f4ab2406..ad8cb12637 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -13,6 +13,8 @@ Fixed
 * Bumped `paramiko` to `2.10.5` to fix an issue with SSH Certs - https://github.com/paramiko/paramiko/issues/2017 Contributed by @jk464
+* Avoid logging sensitive information in debug (fix #5977)
+
 Added
 ~~~~~
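Review bot: In the `st2common/router.py` hunk, `req.url` on the new `LOG.debug` line still carries the query string, so credentials sent as query parameters (StackStorm accepts `x-auth-token` and `st2-api-key` that way) would keep reaching the debug log; logging the path alone avoids this: `LOG.debug("Received call with WebOb: %s %s", req.method, req.path)`. The commented-out fallback is not a safe template either, since it strips `Authorization` and `X-Request-Id` but leaves `X-Auth-Token`, `St2-Api-Key` and `Cookie`, and a stringified WebOb request also includes the body. I would replace those five comment lines with one, e.g. `# Never log the full request: headers, query string and body can carry credentials.` `__call__` begins before and continues past this hunk, so the remaining debug statements (`path_vars` in particular) were only seen as context.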