You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ii...@apache.org on 2020/07/23 15:16:46 UTC

[couchdb-ibrowse] 01/01: Strip sensitive data from state

This is an automated email from the ASF dual-hosted git repository.

iilyak pushed a commit to branch add-format-status
in repository https://gitbox.apache.org/repos/asf/couchdb-ibrowse.git

commit f4fd3f11747fd9b03fe64c94c7288653fd5f7320
Author: ILYA Khlopotov <ii...@apache.org>
AuthorDate: Thu Jul 23 08:15:02 2020 -0700

    Strip sensitive data from state
---
 src/ibrowse_http_client.erl | 39 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/src/ibrowse_http_client.erl b/src/ibrowse_http_client.erl
index a1cf6eb..b66d0ec 100644
--- a/src/ibrowse_http_client.erl
+++ b/src/ibrowse_http_client.erl
@@ -31,7 +31,8 @@
          handle_cast/2,
          handle_info/2,
          terminate/2,
-         code_change/3
+         code_change/3,
+         format_status/2
         ]).
 
 -include("ibrowse.hrl").
@@ -268,10 +269,46 @@ terminate(_Reason, State) ->
 code_change(_OldVsn, State, _Extra) ->
     {ok, State}.
 
+
+%%--------------------------------------------------------------------
+%% Function: format_status/3
+%% Purpose: Clean process state before logging
+%% Returns: key value list
+%%--------------------------------------------------------------------
+format_status(_Opt, [_PDict, State]) ->
+    #state{
+        reqs=Reqs,
+        reply_buffer=ReplyBuf,
+        recvd_headers=RCVDHeaders,
+        raw_headers=RawHeaders,
+        chunk_size_buffer=ChunkSizeBuf,
+        cur_req=Request
+    } = State,
+    ScrubbedReq = Request#request{url=url_strip_password(Request#request.url)},
+    Scrubbed = State#state{
+        socks5_user=nil,
+        socks5_password=nil,
+        reqs=queue:len(Reqs),
+        reply_buffer=byte_size(ReplyBuf),
+        recvd_headers=lists:map(fun({K, _V}) -> K end, RCVDHeaders),
+        raw_headers=byte_size(RawHeaders),
+        chunk_size_buffer=byte_size(ChunkSizeBuf),
+        cur_req=ScrubbedReq
+    },
+    [{data, [{"State",
+        Scrubbed
+    }]}].
+
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------
 
+url_strip_password(Url) ->
+    re:replace(Url,
+        "(http|https|socks5)://([^:]+):[^@]+@(.*)$",
+        "\\1://\\2:*****@\\3",
+        [{return, list}]).
+
 %%--------------------------------------------------------------------
 %% Handles data recvd on the socket
 %%--------------------------------------------------------------------