From 44715645be46b54ff9252aea072ed74282f29045 Mon Sep 17 00:00:00 2001
From: Jonathan Langevin
Date: Thu, 12 Mar 2026 06:53:01 -0400
Subject: [PATCH] Potential fix for code scanning alert no. 98: Clear-text logging of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

---
 modules/reverseproxy/module.go | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/modules/reverseproxy/module.go b/modules/reverseproxy/module.go
index 25d1c2ff..042c1a14 100644
--- a/modules/reverseproxy/module.go
+++ b/modules/reverseproxy/module.go
@@ -1784,9 +1784,13 @@ func (m *ReverseProxyModule) createReverseProxyForBackend(ctx context.Context, t
 }
 if err := m.responseHeaderModifier(resp, backendID, tenantID); err != nil {
 if m.app != nil && m.app.Logger() != nil {
- // Sanitize tenantID before logging to prevent log forging via newlines
- safeTenantID := strings.ReplaceAll(strings.ReplaceAll(string(tenantID), "\n", ""), "\r", "")
- m.app.Logger().Error("Response header modifier error", "backend", backendID, "tenant", safeTenantID, "error", err.Error())
+ // Log a hashed representation of the tenant ID to avoid exposing it in clear text
+ tenantHashStr := ""
+ if hasTenant {
+ sum := sha256.Sum256([]byte(tenantID))
+ tenantHashStr = hex.EncodeToString(sum[:])
+ }
+ m.app.Logger().Error("Response header modifier error", "backend", backendID, "tenant_hash", tenantHashStr, "error", err.Error())
 }
 return err
 }
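Review bot: An unkeyed SHA-256 on the `sum := sha256.Sum256([]byte(tenantID))` line only hides the tenant ID from readers who cannot guess it; if tenant IDs are short or enumerable, anyone holding the log can precompute digests of candidate IDs and map the `tenant_hash` field back, so the alert is narrowed rather than closed. A keyed digest keeps the per-tenant correlation operators need without that property: `mac := hmac.New(sha256.New, logKey)` (with `logKey` a placeholder for a per-deployment secret loaded from config, never a constant), `mac.Write([]byte(tenantID))`, `tenantHashStr = hex.EncodeToString(mac.Sum(nil))`. The diffstat shows 7 insertions and 3 deletions and this hunk accounts for all of them, so no import lines changed; the file compiles only if `crypto/sha256` and `encoding/hex` are already imported in module.go and `strings` is still used elsewhere, which the hunk cannot confirm. `hasTenant` is declared outside the hunk, and `createReverseProxyForBackend` both starts before and ends after it.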