What version of Go are you using (go version)?

$ go version
go version go1.16.6 linux/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

$ go env
GOARCH="amd64"
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOVERSION="go1.16.6"

What did you do?

Got a context deadline timeout from an HTTP PATCH request.

What did you expect to see?

An idiomatic error return.

What did you see instead?

Error processing request: Patch "http://www.example.com/sensitiveurl": context deadline exceeded

i.e. returned error has "patch" capitalized.

Error also includes the entire URL, even for a POST/PUT/PATCH which may involve a sensitive URL.

Comments

The HTTP verb formatting is from net/http/client.go in urlErrorOp. I'd suggest that it should either make the verb all caps (like in the actual protocol and the http.MethodFoo constants), or leave it lower case.

I'd argue that it's the responsibility of the code calling request.Do to log the entire URL if appropriate. Having to perform a text search-and-replace on error strings to sanitize them before reporting them is undesirable.

Sample code

package main

import (
	"context"
	"log"
	"net/http"
)

func main() {
	ctx, cancel := context.WithTimeout(context.Background(), 1)
	defer cancel()
	req, err := http.NewRequestWithContext(ctx, "PATCH", "http://www.example.com/sensitiveurl", nil)
	if err != nil {
		panic(err)
	}
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		log.Printf("Error processing request: %v", err)
	}
	defer resp.Body.Close()
}