chore: remove filterHttpHeaders config

elastic · Aug 2, 2023 · cf4792e · cf4792e
1 parent 9f5ac74
commit cf4792e
Show file tree

Hide file tree

Showing 9 changed files with 15 additions and 68 deletions.
diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc
@@ -43,6 +43,9 @@ Notes:
 [float]
 ===== Bug fixes
 
+* The config option <<filter-http-headers, filterHttpHeaders>> is now *removed*.
+  ({pull}XXXX[#XXXX])
+
 * Fix ESM support: the "loader.mjs" file was accidentally not included in
   the published package in v3.48.0. ({pull}3534[#3534])
 

diff --git a/docs/agent-api.asciidoc b/docs/agent-api.asciidoc
@@ -108,9 +108,6 @@ apm.addFilter(function redactSecretHeader(payload) {
 })
 ----
 
-A set of built-in filters are added by default.
-See <<filter-http-headers,`filterHttpHeaders`>> for details.
-
 Though you can also use filter functions to add new contextual information to the `user` and `custom` properties,
 it's recommended that you use <<apm-set-user-context,`apm.setUserContext()`>> and <<apm-set-custom-context,`apm.setCustomContext()`>> for that purpose.
 

diff --git a/docs/configuration.asciidoc b/docs/configuration.asciidoc
@@ -974,26 +974,6 @@ using the `(?-i)` prefix. These patterns apply to the request and response HTTP
 
 The `sanitizeFieldNames` will redact any matched _field names_.  If you wish to filter or _redact_ other data the <<apm-add-filter,API filtering functions>> may be a better choice.
 
-[[filter-http-headers]]
-==== `filterHttpHeaders`
-
-[small]#Deprecated in: v3.46.0
-
-* *Type:* Boolean
-* *Default:* `true`
-* *Env:* `ELASTIC_APM_FILTER_HTTP_HEADERS`
-
-`filterHttpHeaders` indicates whether the agent should redact sensitive fields in the `Cookie` HTTP request
-header. If true, the `Cookie` header will be parsed in to the `transaction.request.cookies` name/value
-mapping and any cookie fields that match the patterns in <<sanitize-field-names>> will be replaced with the
-string `[REDACTED]`. If false, the `Cookie` header will be left as is.
-
-This config option is *deprecated* and will be removed in a future major version. Use <<sanitize-field-names>>
-instead. To replicate `filterHttpHeaders: false`, modify `sanitizeFieldNames` so that no patterns match
-cookie fields that you do not want redacted.
-
-See also <<apm-add-filter,the filtering API>> for programmatic control of filtering APM data.
-
 [[disable-instrumentations]]
 ==== `disableInstrumentations`
 

diff --git a/docs/shared-set-up.asciidoc b/docs/shared-set-up.asciidoc
@@ -110,7 +110,7 @@ To enable this,
 use the <<capture-body,`captureBody`>> config option
 * By default, the Node.js agent will filter certain HTTP headers known to contain sensitive information.
 To disable this,
-use the <<filter-http-headers,`filterHttpHeaders`>> config option
+use the <<sanitize-field-names,`sanitizeFieldNames`>> config option
 * To apply custom filters,
 use one of the <<apm-add-filter,filtering>> functions
 //end::filter-sensitive-info[]

diff --git a/index.d.ts b/index.d.ts
@@ -256,9 +256,15 @@ declare namespace apm {
     disableSend?: boolean;
     elasticsearchCaptureBodyUrls?: Array<string>;
     environment?: string;
-    errorMessageMaxLength?: string; // DEPRECATED: use `longFieldMaxLength`.
+    /**
+     * @deprecated Use `longFieldMaxLength`
+     */
+    errorMessageMaxLength?: string;
     errorOnAbortedRequests?: boolean;
     exitSpanMinDuration?: string;
+    /**
+     * @deprecated Configuration 'filterHttpHeaders' is not used.
+     */
     filterHttpHeaders?: boolean;
     frameworkName?: string;
     frameworkVersion?: string;

diff --git a/lib/config/config.js b/lib/config/config.js
@@ -234,12 +234,9 @@ class Config {
       }
     }
 
-    // Warn agent consumer if it passed deprecated options via ENV, start options or config file.
-    const configSources = [envOptions, opts, confFileOpts];
-    for (let i = 0; i < configSources.length; i++) {
-      if (configSources[i] && 'filterHttpHeaders' in configSources[i]) {
-        this.logger.warn('the `filterHttpHeaders` config option is deprecated');
-      }
+    // Drop `filterHttpHeaders` option if it was passed to config via ENV, start options or config file.
+    if (this.filterHttpHeaders) {
+      delete this.filterHttpHeaders;
     }
 
     normalize(this, this.logger);

diff --git a/lib/config/schema.js b/lib/config/schema.js
@@ -62,9 +62,6 @@ const DEFAULTS = {
   environment: process.env.NODE_ENV || 'development',
   errorOnAbortedRequests: false,
   exitSpanMinDuration: '0ms',
-  // Deprecated: already filtered with `sanitizeFieldNames` defaults
-  // TODO: https://github.com/elastic/apm-agent-nodejs/issues/3332
-  filterHttpHeaders: true,
   globalLabels: undefined,
   ignoreMessageQueues: [],
   instrument: true,
@@ -159,9 +156,6 @@ const ENV_TABLE = {
   elasticsearchCaptureBodyUrls: 'ELASTIC_APM_ELASTICSEARCH_CAPTURE_BODY_URLS',
   errorMessageMaxLength: 'ELASTIC_APM_ERROR_MESSAGE_MAX_LENGTH',
   errorOnAbortedRequests: 'ELASTIC_APM_ERROR_ON_ABORTED_REQUESTS',
-  // Deprecated: already filtered with `sanitizeFieldNames` defaults
-  // TODO: https://github.com/elastic/apm-agent-nodejs/issues/3332
-  filterHttpHeaders: 'ELASTIC_APM_FILTER_HTTP_HEADERS',
   frameworkName: 'ELASTIC_APM_FRAMEWORK_NAME',
   frameworkVersion: 'ELASTIC_APM_FRAMEWORK_VERSION',
   globalLabels: 'ELASTIC_APM_GLOBAL_LABELS',
@@ -263,7 +257,6 @@ const BOOL_OPTS = [
   'contextPropagationOnly',
   'disableSend',
   'errorOnAbortedRequests',
-  'filterHttpHeaders',
   'instrument',
   'instrumentIncomingHTTPRequests',
   'logUncaughtExceptions',

diff --git a/lib/parsers.js b/lib/parsers.js
@@ -61,9 +61,7 @@ function getContextFromRequest(req, conf, type) {
       conf.sanitizeFieldNamesRegExp,
     );
 
-    // TODO: remove filterHttpHeaders option in next major release
-    // https://github.com/elastic/apm-agent-nodejs/issues/3332
-    if (conf.filterHttpHeaders && context.headers.cookie) {
+    if (context.headers.cookie) {
       context.cookies = cookie.parse(req.headers.cookie);
       context.cookies = redactKeysFromObject(
         context.cookies,

diff --git a/test/config.test.js b/test/config.test.js
@@ -136,9 +136,6 @@ var optionFixtures = [
   ['environment', 'ENVIRONMENT', 'development'],
   ['errorMessageMaxLength', 'ERROR_MESSAGE_MAX_LENGTH', undefined],
   ['errorOnAbortedRequests', 'ERROR_ON_ABORTED_REQUESTS', false],
-  // Config option deprecated. To be removed in next major release
-  // TODO: https://github.com/elastic/apm-agent-nodejs/issues/3332
-  ['filterHttpHeaders', 'FILTER_HTTP_HEADERS', true],
   ['frameworkName', 'FRAMEWORK_NAME'],
   ['frameworkVersion', 'FRAMEWORK_VERSION'],
   ['hostname', 'HOSTNAME'],
@@ -453,30 +450,6 @@ test('should log invalid booleans', function (t) {
   t.end();
 });
 
-test('it should log deprecated booleans', function (t) {
-  var agent = new Agent();
-  var logger = new MockLogger();
-
-  agent.start(
-    Object.assign({}, agentOptsNoopTransport, {
-      serviceName: 'foo',
-      secretToken: 'baz',
-      active: false,
-      filterHttpHeaders: false,
-      logger,
-    }),
-  );
-
-  var warning = findObjInArray(logger.calls, 'type', 'warn');
-  t.strictEqual(
-    warning.message,
-    'the `filterHttpHeaders` config option is deprecated',
-  );
-
-  agent.destroy();
-  t.end();
-});
-
 var MINUS_ONE_EQUAL_INFINITY = ['transactionMaxSpans'];
 
 MINUS_ONE_EQUAL_INFINITY.forEach(function (key) {