Prevent verbose HTTP request logging

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Help prevent access to sensitive information by reducing verbose HTTP request logging.

    Control the level of logging for outbound HTTP requests to help prevent access to sensitive information, such as authorization headers or cookies. This information can be used like credentials to access the requested resource.

    The logging level for these requests is controlled by the glide.outbound_http_log.override and glide.outbound_http_log.override.level properties. When glide.outbound_http_log.override is set to true, the log level for requests and responses is controlled by the glide.outbound_http_log.override.level property. If glide.outbound_http_log.override.level is set to all or elevated, then request and response headers are logged.

    Set glide.outbound_http_log.override to false and glide.outbound_http_log.override.level to basic. If these properties don’t appear in the System Properties [sys_properties] table, they are in a secure state by default.

    More information

    Attribute Description
    Technical configuration name
    • glide.outbound_http_log.override
    • glide.outbound_http_log.override.level
    Plugin applicability None
    Security risk

    Outbound HTTP request headers logged with verbose settings can include sensitive information such as Authorization headers or cookies. This information can be used like credentials to access the requested resource.

    Users with access to the Outbound HTTP Logs [sys_outbound_http_log] table can view this information. The severity depends on what type of outbound requests are made.
    Common Vulnerability Scoring System (CVSS) score 5
    Common Vulnerability Scoring System (CVSS) rating Medium
    Functional impact

    The glide.outbound_http_log.override system property enables you to override outbound http request log level. A value of false defaults the log level to basic.

    If glide.outbound_http_log.override is set to true, the level of logging is determined by the value of the glide.outbound_http_log.override.level property. This value can be basic, elevated, or all. All 3 are string/text based values. Any value other than these is interpreted as basic.

    For additional details, see Configure outbound logging.
    Dependencies and prerequisites None
    Data type
    • Boolean
    • String
    Base system value
    • false
    • <blank>
    Fallback value
    • false
    • <blank>
    Recommended value
    • false
    • basic

    To learn more about adding or creating a system property, see Add a system property.