Hello
This is based on earlier messages in the thread about OAUTHDEBUG splitting[1]:
>> With the same logic, shouldn't we print a very visible warning when
>> somebody enables trace? Since it's a long output, maybe to both the
>> beginning and end of the flow?
>
> I'm more than happy to strengthen this as well, but let's kick that
> out to its own thread, especially if pieces are backpatchable.
The documentation already mentions that this option is unsafe because
it prints out the HTTP traffic as-is, including secrets, but the
output itself lacks a warning about it.
Because the output is long, users might not notice that copy-pasting
it or saving it to disk will share sensitive information. To increase
visibility, this patch adds a warning to both the beginning and the
end of the output.
I also attached a version for 18, since this seems to be a useful
change to backport. With the recent changes this is slightly different
on 19.
[1]: https://www.postgresql.org/message-id/CAOYmi%2Bkfw76zPa-tZPNs4KjxwthGLkQfpGyoKzMMy8_oNJz4DQ%40mail.gmail.com
