Answer
To log request/response bodies safely:
- Use custom middleware to intercept HTTP pipeline.
- Enable request buffering using
HttpRequest.EnableBuffering(). - Buffer and copy response streams using a wrapper.
- Avoid logging sensitive fields such as passwords, tokens, and PII.
- Include traceId or correlationId for cross-service tracking.