Modified broker /debug page to display counts only

The broker /debug page was displaying proxy IDs and roundtrip times. As serna pointed out in bug #31460, the proxy IDs can be used to launch a denial of service attack. As the metrics team pointed out on #21315, the round trip time average can be potentially sensitive. This change displays only proxy counts and uses ID lengths to distinguish between standalone proxy-go instances and browser-based snowflake proxies.
2025-10-13 20:11:19 -04:00 · 2019-08-23 10:58:20 -04:00 · 2019-08-23 10:58:20 -04:00 · 00eb4aadf5
commit 00eb4aadf5
parent ea442141db
1 changed files with 9 additions and 2 deletions
--- a/broker/broker.go
+++ b/broker/broker.go
@ -255,10 +255,17 @@ func proxyAnswers(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {

 func debugHandler(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 	s := fmt.Sprintf("current snowflakes available: %d\n", ctx.snowflakes.Len())
+
+	var browsers, standalones int
 	for _, snowflake := range ctx.idToSnowflake {
-		s += fmt.Sprintf("\nsnowflake %d: %s", snowflake.index, snowflake.id)
+		if len(snowflake.id) < 16 {
+			browsers++
+		} else {
+			standalones++
+		}
 	}
-	s += fmt.Sprintf("\n\nroundtrip avg: %d", ctx.metrics.clientRoundtripEstimate)
+	s += fmt.Sprintf("\tstandalone proxies: %d", standalones)
+	s += fmt.Sprintf("\n\tbrowser proxies: %d", browsers)
 	w.Write([]byte(s))
 }