[filter:tempurl]
use = egg:swift#tempurl
reveal_sensitive_prefix = 99999
^ that works for me, we definitely need to follow up with that in the example file.
Donagh, I think exempting accounts from truncation would be a good feature for followup after we get out from under the embargo. I can also confirmed, as Christian's commit message points out, that only authorized signatures are truncated - which could help with debugging for ops:
+2 WFM
Apr 24 18:53:14 ubuntu-xenial object-6010: 127.0.0.1 - - [24/Apr/ 2017:18: 53:14 +0000] "HEAD /sdb1/645/ AUTH_test/ test/test" 200 8 "HEAD http:// saio:8080/ v1/AUTH_ test/test/ test?temp_ url_expires= 1493063464& temp_url_ sig=d548ccbc..." "tx7decc83acfd9 426bb3a10- 0058fe499a" "proxy-server 10740" 0.0006 "-" 10735 0
I think Donagh's point is spot on
[filter: tempurl] sensitive_ prefix = 99999
use = egg:swift#tempurl
reveal_
^ that works for me, we definitely need to follow up with that in the example file.
Donagh, I think exempting accounts from truncation would be a good feature for followup after we get out from under the embargo. I can also confirmed, as Christian's commit message points out, that only authorized signatures are truncated - which could help with debugging for ops:
Apr 24 18:59:59 ubuntu-xenial proxy-server: 127.0.0.1 127.0.0.1 24/Apr/ 2017/18/ 59/59 HEAD /v1/AUTH_ test/test/ test%3Ftemp_ url_sig% 3Dbf2431dd98607 64fb423a08d3bf7 d01cd4312004% 26temp_ url_expires% 3D1493063999 HTTP/1.0 401 - curl/7.47.0 - - - - tx3d9ba159317e4 5ee87c05- 0058fe4b2f - 0.0016 - - 1493060399. 179332018 1493060399. 180957079 -
... or eventlet debug
Apr 24 19:00:08 ubuntu-xenial proxy-server: 127.0.0.1 127.0.0.1 24/Apr/ 2017/19/ 00/08 HEAD /v1/AUTH_ test/test/ test%3Ftemp_ url_expires% 3D1493064008% 26temp_ url_sig% 3D3cafada5. .. HTTP/1.0 200 - curl/7.47.0 - - - - tx2db8598376d14 dc2a48eb- 0058fe4b38 - 0.0274 - - 1493060408. 930609941 1493060408. 957966089 0 test/test/ test?temp_ url_sig= 3cafada56bcdf1a 37176926c13199e 4251a4e010& temp_url_ expires= 1493064008 HTTP/1.1" 200 475 0.029963 (txn: tx2db8598376d14 dc2a48eb- 0058fe4b38)
Apr 24 19:00:08 ubuntu-xenial proxy-server: STDERR: 127.0.0.1 - - [24/Apr/2017 19:00:08] "HEAD /v1/AUTH_
So I think we have Donagh's very correct concern satiated and can/should move forward here to get out from embargo.