URI query and fragment redaction in HttpClient EventSource events

In .NET 9, the default behavior of EventSource events emitted by HttpClient and SocketsHttpHandler (EventSource name: System.Net.Http) has been modified to scrub the query and fragment part of the URI. This change enhances privacy by preventing the logging of potentially sensitive information contained in query strings while keeping the performance costs of the redaction minimal. If necessary, you can override this behavior.

Version introduced

.NET 9 Preview 7

Previous behavior

Previously, events emitted by HttpClient and SocketsHttpHandler included query string information, which could inadvertently expose sensitive information.

New behavior

With the change in dotnet/runtime#104741, the query and fragment part are replaced by a * character in HttpClient and SocketsHttpHandler events, by default. This change affects specific events and parameters, such as pathAndQuery in RequestStart and redirectUri in Redirect.

Type of breaking change

This change is a behavioral change.

Reason for change

The primary reason for this change was to enhance privacy by reducing the risk of sensitive information being logged inadvertently. Query strings often contain sensitive data, and redacting them from logs by default helps protect this information. To keep the implementation simple and efficient, the fragment part is also scrubbed.

Recommended action

If you need query string information when consuming HttpClient or SocketsHttpHandler events and you're confident that it's safe to do so, you can enable query string logging globally by setting an AppContext switch in one of three ways:

• In the project file.

  <ItemGroup>
    <RuntimeHostConfigurationOption Include="System.Net.Http.DisableUriRedaction" Value="true" />
  </ItemGroup>
  

• In the runtimeconfig.json file.

  {
      "runtimeOptions": {
          "configProperties": {
              "System.Net.Http.DisableUriRedaction": true
          }
      }
  }
  

• Through an environment variable.

  Set DOTNET_SYSTEM_NET_HTTP_DISABLEURIREDACTION to true or 1.

Otherwise, no action is required, and the default behavior will help enhance the privacy aspects of your application.

Note

This switch also disables query string redaction in the default IHttpClientFactory logs. For more information, see URI query redaction in IHttpClientFactory logs.

Affected APIs

• System.Net.Http.SocketsHttpHandler.Send
• System.Net.Http.SocketsHttpHandler.SendAsync