URL 的语义约定¶

本文档定义了描述 URL 及其组件的语义约定。

Attributes¶

Attribute	Type	Description	Examples	Requirement Level
`url.scheme`	string	The URI scheme component identifying the used protocol.	`https`; `ftp`; `telnet`	Recommended
`url.full`	string	Absolute URL describing a network resource according to RFC3986 [1]	`https://www.foo.bar/search?q=OpenTelemetry#SemConv`; `//localhost`	Recommended
`url.path`	string	The URI path component [2]	`/search`	Recommended
`url.query`	string	The URI query component [3]	`q=OpenTelemetry`	Recommended
`url.fragment`	string	The URI fragment component	`SemConv`	Recommended

[1]: For network calls, URL usually has scheme://host[:port][path][?query][#fragment] format, where the fragment is not transmitted over HTTP, but if it is known, it should be included nevertheless. url.full MUST NOT contain credentials passed via URL in form of https://username:password@www.example.com/. In such case username and password should be redacted and attribute's value should be https://REDACTED:REDACTED@www.example.com/. url.full SHOULD capture the absolute URL when it is available (or can be reconstructed) and SHOULD NOT be validated or modified except for sanitizing purposes.

[2]: When missing, the value is assumed to be /

[3]: Sensitive content provided in query string SHOULD be scrubbed when instrumentations can identify it.

敏感信息¶

Capturing URL and its components MAY impose security risk. User and password information, when they are provided in User Information subcomponent, MUST NOT be recorded.

Instrumentations that are aware of specific sensitive query string parameters MUST scrub their values before capturing url.query attribute. For example, native instrumentation of a client library that passes credentials or user location in URL, must scrub corresponding properties.

Note: Applications and telemetry consumers should scrub sensitive information from URL attributes on collected telemetry. In systems unable to identify sensitive information, certain attribute values may be redacted entirely.