How to hide sensitive information from response header?

Question

How to hide sensitive information from response header?

P01ARPITJ opened this issue 5 months ago · comments

Hello Team,
I am using Retrofit library for Api calls. now i am getting some values in headers response like server details, tokens etc.
is there any way to hide the values from response header.
I thought to add interceptor but i think its work for header request call, not for response.

Jake Wharton · Answer 1 · Thu Jan 18 2024 20:40:12 GMT+0800 (China Standard Time)

Hide from whom?

P01ARPITJ · Answer 2 · Thu Jan 18 2024 21:38:14 GMT+0800 (China Standard Time)

Hi @JakeWharton, Thanks for immediate response.
Actually, I am calling Api and getting success response with body and headers.
Now headers contain some sensitive information's so i want to hide those values.

like in logs :

2024-01-18 16:32:36.803 6625-6934/com.**********.debugD/OkHttp: server_value: "test123445"

so i want to hide this value or change with blank strings.

Jake Wharton · Answer 3 · Thu Jan 18 2024 22:20:46 GMT+0800 (China Standard Time)

Retrofit does not perform any logging. If you are using OkHttp's logging-interceptor artifact, however, you can use its redactHeader API to omit sensitive headers from being included in the output.