From 2e893f9c576d5a02506272fe2c0bcc12e6c58768 Mon Sep 17 00:00:00 2001
From: ian <licitdev@gmail.com>
Date: Sat, 3 Aug 2024 02:05:18 +0800
Subject: [PATCH] Merge commit from fork

* Redact `access_token` in the query string when `LOG_STYLE=raw`

* Add changeset

---------

Co-authored-by: Rijk van Zanten <rijkvanzanten@me.com>
---
 .changeset/chilly-adults-jog.md | 5 +++++
 api/src/logger/index.ts         | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 .changeset/chilly-adults-jog.md

diff --git a/.changeset/chilly-adults-jog.md b/.changeset/chilly-adults-jog.md
new file mode 100644
index 0000000000..1d39348831
--- /dev/null
+++ b/.changeset/chilly-adults-jog.md
@@ -0,0 +1,5 @@
+---
+'@directus/api': patch
+---
+
+Redacted `access_token` in the query string when `LOG_STYLE=raw`
diff --git a/api/src/logger/index.ts b/api/src/logger/index.ts
index 9f02572509..ae884d7965 100644
--- a/api/src/logger/index.ts
+++ b/api/src/logger/index.ts
@@ -100,7 +100,7 @@ export const createExpressLogger = () => {
 
 	if (env['LOG_STYLE'] === 'raw') {
 		httpLoggerOptions.redact = {
-			paths: ['req.headers.authorization', 'req.headers.cookie', 'res.headers'],
+			paths: ['req.headers.authorization', 'req.headers.cookie', 'res.headers', 'req.query.access_token'],
 			censor: (value, pathParts) => {
 				const path = pathParts.join('.');