balki/pgweb
1
0
Fork 0
Code Pull Requests Activity

Sanitize connect token in logging

Browse Source
This commit is contained in:
Dan Sosedoff 2022-12-02 12:20:58 -06:00
parent f19f165afc
commit e7ac416440
No known key found for this signature in database
GPG Key ID: 26186197D282B164
1 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
pkg/api/logger.go
View File

@ -2,6 +2,7 @@ package api
import ( import (
"net/http" "net/http"
"regexp"
"strings" "strings"
"time" "time"
@ -11,7 +12,11 @@ import (
const loggerMessage = "http_request" const loggerMessage = "http_request"
var logger *logrus.Logger var (
logger *logrus.Logger
reConnectToken = regexp.MustCompile("/connect/(.*)")
)
func init() { func init() {
if logger == nil { if logger == nil {
@ -34,9 +39,13 @@ func RequestLogger(logger *logrus.Logger) gin.HandlerFunc {
// Process request // Process request
c.Next() c.Next()
// Skip logging static assets if !debug {
if strings.Contains(path, "/static/") && !debug { // Skip static assets logging
return if strings.Contains(path, "/static/") {
return
}
path = sanitizeLogPath(path)
} }
status := c.Writer.Status() status := c.Writer.Status()
@ -72,3 +81,7 @@ func RequestLogger(logger *logrus.Logger) gin.HandlerFunc {
} }
} }
} }
func sanitizeLogPath(str string) string {
return reConnectToken.ReplaceAllString(str, "/connect/REDACTED")
}