From 67f72d0e90f8a57c7e761a5fb34f6c4b21c25462 Mon Sep 17 00:00:00 2001
From: Tim Allclair
Date: Thu, 9 Feb 2023 16:37:32 -0800
Subject: [PATCH] Document risk of HTTP response body in probe failure msg
---
 pkg/probe/http/http.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pkg/probe/http/http.go b/pkg/probe/http/http.go
index 41417657eee..20e33da8ed4 100644
--- a/pkg/probe/http/http.go
+++ b/pkg/probe/http/http.go
@@ -117,7 +117,9 @@ func DoHTTPProbe(req *http.Request, client GetHTTPInterface) (probe.Result, stri
 return probe.Success, body, nil
 }
 klog.V(4).Infof("Probe failed for %s with request headers %v, response body: %v", url.String(), headers, body)
- return probe.Failure, fmt.Sprintf("HTTP probe failed with statuscode: %d", res.StatusCode), nil
+ // Note: Until https://issue.k8s.io/99425 is addressed, this user-facing failure message must not contain the response body.
+ failureMsg := fmt.Sprintf("HTTP probe failed with statuscode: %d", res.StatusCode)
+ return probe.Failure, failureMsg, nil
 }
 
 // RedirectChecker returns a function that can be used to check HTTP redirects.
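Review bot: The rule stated in the new comment above `failureMsg` is enforced only by that comment, and the diffstat shows no test file changed, so a later edit to the `fmt.Sprintf` call could put the response body back into the user-facing message without anything failing. A regression test that serves a non-2xx response with a marker string in its body and asserts that the returned message does not contain the marker would turn the comment into a checked invariant. The comment would also be more useful with the reason in one clause, for example `// The body is chosen by the probed endpoint, so it must stay out of this user-facing message until https://issue.k8s.io/99425 is addressed.`; that rationale is inferred from the wording here and should be confirmed against the issue. The first context line returns `body` as the message on success, and whether callers surface that value to users is not visible in this hunk, so it is worth stating in the comment whether the same constraint applies there. DoHTTPProbe begins outside the hunk.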