Add support for masking sensitive headers in production logs #61

@mozhganEtaati

Description

In production environments, it’s important to avoid logging sensitive data such as API keys or authorization tokens.

I’d like to suggest adding a feature that allows masking specific headers when generating CURL logs.

Example use case

When logging HTTP requests using HttpClientToCurl, certain headers (like x-api-key, Authorization, etc.) should be masked to prevent sensitive information from being exposed in the logs.

Proposed solution:

Add an optional configuration or parameter to specify which headers should be masked.

For example, add MaskedHeaders to the console config:

    httpRequestMessageInstance.GenerateCurlInConsole(
        new Uri("http://localhost:1213/v1/api/test"),
        config =>
        {
            config.TurnOn = true;
            config.NeedAddDefaultHeaders = true;
            config.EnableCodeBeautification = false;
            config.MaskedHeaders = new Dictionary<string, Func<string, string>>
            {
                // mask all chars except first 3
                ["Authorization"] = value => value.Length > 3
                    ? value.Substring(0, 3) + new string('*', value.Length - 3)
                    : "***"
            };
        });
         

✅ Output:

       curl -X POST 'http://localhost:1213/v1/api/test' -H 'Authorization: ***' 
       -H 'Content-Type: application/json; charset=utf-8' -d '{"name":"sara","requestId":10001001,"amount":20000}'

Benefits

  • Prevents accidental exposure of secrets in production logs

  • Gives developers control over which headers are masked

  • Improves security without affecting debugging in non-production environments
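The following is an added example, not code from this issue or from HttpClientToCurl: a stand-alone C# helper showing three points a masking step like the one requested has to get right (case-insensitive header lookup, a fixed-width mask that keeps only the auth scheme, and failing closed when a masker throws). `HeaderMasking`, `KeepScheme` and `ToCurlHeaderArgs` are hypothetical names, and the header values are constructed samples.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;

// Hypothetical helper, not part of HttpClientToCurl: renders request headers as
// curl -H arguments, passing configured header values through a masker first.
public static class HeaderMasking
{
    // Keeps the auth scheme ("Bearer", "Basic") and hides the credential with a
    // fixed-width mask, so neither a token prefix nor its length reaches the log.
    public static string KeepScheme(string value)
    {
        int space = value.IndexOf(' ');
        return space > 0 ? value.Substring(0, space) + " ***" : "***";
    }

    public static IEnumerable<string> ToCurlHeaderArgs(
        HttpRequestMessage request,
        IDictionary<string, Func<string, string>> maskedHeaders)
    {
        // Header names are case-insensitive, so "authorization" must hit the
        // "Authorization" entry; a default Dictionary would miss it.
        var maskers = new Dictionary<string, Func<string, string>>(
            maskedHeaders, StringComparer.OrdinalIgnoreCase);
        foreach (var header in request.Headers)
        {
            string value = string.Join(", ", header.Value);
            if (maskers.TryGetValue(header.Key, out var mask))
            {
                // Fail closed: a throwing masker must not fall back to the raw value.
                try { value = mask(value); } catch { value = "***"; }
            }
            yield return $"-H '{header.Key}: {value}'";
        }
    }

    public static void Main()
    {
        // Constructed sample request; the token and key are made-up values.
        var request = new HttpRequestMessage(HttpMethod.Post, "http://localhost:1213/v1/api/test");
        request.Headers.TryAddWithoutValidation("Authorization", "Bearer sample-token-value");
        request.Headers.TryAddWithoutValidation("X-Api-Key", "sample-key-value");
        var masked = new Dictionary<string, Func<string, string>>
        {
            ["authorization"] = KeepScheme,
            ["x-api-key"] = _ => "***",
        };
        Console.WriteLine(string.Join(" ", ToCurlHeaderArgs(request, masked)));
    }
}
```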
