Table of Contents

Class OutboundSecretScanningHandler

Namespace
JD.AI.Core.Security
Assembly
JD.AI.Core.dll

An HttpMessageHandler that scans outbound request bodies and headers for secrets before allowing the request to be sent. Uses a DataRedactor to detect matches.

public sealed class OutboundSecretScanningHandler : DelegatingHandler, IDisposable
Inheritance
OutboundSecretScanningHandler
Implements
Inherited Members

Remarks

Wire this into any HttpClient that may carry user-controlled content or provider responses — for example the client used by tool implementations that call external APIs.

Constructors

OutboundSecretScanningHandler(DataRedactor, ILogger<OutboundSecretScanningHandler>, bool)

Initializes the handler.

public OutboundSecretScanningHandler(DataRedactor redactor, ILogger<OutboundSecretScanningHandler> logger, bool blockOnDetection = true)

Parameters

redactor DataRedactor

A DataRedactor configured with secret detection patterns. Use DataRedactor constructed from All for broad coverage.

logger ILogger<OutboundSecretScanningHandler>

Logger for security alerts.

blockOnDetection bool

When true (default), throws SecurityException if a secret is detected. When false, logs a warning and allows the request through (audit-only mode).

Methods

SendAsync(HttpRequestMessage, CancellationToken)

Sends an HTTP request to the inner handler to send to the server as an asynchronous operation.

protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)

Parameters

request HttpRequestMessage

The HTTP request message to send to the server.

cancellationToken CancellationToken

A cancellation token to cancel operation.

Returns

Task<HttpResponseMessage>

The task object representing the asynchronous operation.

Exceptions

ArgumentNullException

The request was null.

OperationCanceledException

The cancellation token was canceled. This exception is stored into the returned task.

Edit this page