Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/07/23 15:22:30 UTC

[GitHub] [couchdb-ibrowse] iilyak opened a new pull request #4: Strip sensitive data from state

iilyak opened a new pull request #4:
URL: https://github.com/apache/couchdb-ibrowse/pull/4


   The state of the process could contain sensitive data and big terms which would hammer the logging system. This PR removes the potentially sensitive data and makes the state size predictable. 
   
   Things we remove:
   - `socks5_user`
   - `socks5_password`
   - Header values (we want to prevent the `Authorization:` header from hitting the logs)
   - strip password from URL


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org
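
The scrubbing listed in the pull request description, as an added example (not code from couchdb-ibrowse or from this PR). The `#state{}` record below, its `url` and `headers` fields, and the functions `scrub_state/1`, `scrub_headers/1` and `strip_url_password/1` are hypothetical; the sample values in `demo/0` are constructed.

```erlang
-module(state_scrub_example).
-export([scrub_state/1, scrub_headers/1, strip_url_password/1, demo/0]).

%% Hypothetical, reduced state record (not the ibrowse one).
-record(state, {socks5_user, socks5_password, url, headers = [], reqs}).

%% Return a copy of the state that is safe to log and has a bounded size.
scrub_state(#state{} = S) ->
    S#state{socks5_user = nil,
            socks5_password = nil,
            url = strip_url_password(S#state.url),
            headers = scrub_headers(S#state.headers),
            %% Log only the queue length, tagged so the integer is self-describing.
            reqs = {queue_size, queue:len(S#state.reqs)}}.

%% Keep header names, drop every value, so Authorization never reaches a log.
scrub_headers(Headers) ->
    [{Name, redacted} || {Name, _Value} <- Headers].

%% Mask the password in "scheme://user:password@host/...".
%% Anything without a password (or not a string at all) is returned unchanged.
strip_url_password(Url) when is_list(Url) ->
    case string:split(Url, "://") of
        [Scheme, Rest] ->
            %% Userinfo can only appear before the first "/", "?" or "#".
            {Authority, Tail} =
                lists:splitwith(fun(C) -> not lists:member(C, "/?#") end, Rest),
            %% Split on the last "@" so a password containing "@" is still masked.
            case string:split(Authority, "@", trailing) of
                [UserInfo, Host] ->
                    case string:split(UserInfo, ":") of
                        [User, _Password] ->
                            Scheme ++ "://" ++ User ++ ":*****@" ++ Host ++ Tail;
                        [_UserOnly] -> Url
                    end;
                [_NoUserInfo] -> Url
            end;
        [_NoScheme] -> Url
    end;
strip_url_password(Other) ->
    Other.

%% Constructed sample state, scrubbed.
demo() ->
    scrub_state(#state{socks5_user = "proxyuser", socks5_password = "proxypass",
                       url = "http://admin:s3cret@db.example.com:5984/_all_dbs",
                       headers = [{"Authorization", "Basic YWRtaW46czNjcmV0"},
                                  {"Accept", "*/*"}],
                       reqs = queue:from_list([req1, req2])}).
```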



[GitHub] [couchdb-ibrowse] iilyak merged pull request #4: Strip sensitive data from state

Posted by GitBox <gi...@apache.org>.
iilyak merged pull request #4:
URL: https://github.com/apache/couchdb-ibrowse/pull/4


   





[GitHub] [couchdb-ibrowse] iilyak commented on a change in pull request #4: Strip sensitive data from state

Posted by GitBox <gi...@apache.org>.
iilyak commented on a change in pull request #4:
URL: https://github.com/apache/couchdb-ibrowse/pull/4#discussion_r461779688



##########
File path: src/ibrowse_http_client.erl
##########
@@ -268,10 +269,46 @@ terminate(_Reason, State) ->
 code_change(_OldVsn, State, _Extra) ->
     {ok, State}.
 
+
+%%--------------------------------------------------------------------
+%% Function: format_status/3
+%% Purpose: Clean process state before logging
+%% Returns: key value list
+%%--------------------------------------------------------------------
+format_status(_Opt, [_PDict, State]) ->
+    #state{
+        reqs=Reqs,
+        reply_buffer=ReplyBuf,
+        recvd_headers=RCVDHeaders,
+        raw_headers=RawHeaders,
+        chunk_size_buffer=ChunkSizeBuf,
+        cur_req=Request
+    } = State,
+    ScrubbedReq = Request#request{url=url_strip_password(Request#request.url)},
+    Scrubbed = State#state{
+        socks5_user=nil,
+        socks5_password=nil,
+        reqs=queue:len(Reqs),
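
Review bot: the `ScrubbedReq = Request#request{url=...}` line assumes `cur_req` always holds a `#request{}` record. If that field can be unset (for example while no request is in flight), the record update raises `badrecord` and `format_status` itself fails at the moment the state is being formatted for a log or crash report. Suggest matching on `#request{}` first and passing any other value through unchanged.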

Review comment:
       or we could do `reqs={queue_size, queue:len(Reqs)}`.







[GitHub] [couchdb-ibrowse] tonysun83 commented on pull request #4: Strip sensitive data from state

Posted by GitBox <gi...@apache.org>.
tonysun83 commented on pull request #4:
URL: https://github.com/apache/couchdb-ibrowse/pull/4#issuecomment-665980270


   +1, good work!





[GitHub] [couchdb-ibrowse] tonysun83 commented on a change in pull request #4: Strip sensitive data from state

Posted by GitBox <gi...@apache.org>.
tonysun83 commented on a change in pull request #4:
URL: https://github.com/apache/couchdb-ibrowse/pull/4#discussion_r461852905



##########
File path: src/ibrowse_http_client.erl
##########
@@ -268,10 +269,46 @@ terminate(_Reason, State) ->
 code_change(_OldVsn, State, _Extra) ->
     {ok, State}.
 
+
+%%--------------------------------------------------------------------
+%% Function: format_status/3
+%% Purpose: Clean process state before logging
+%% Returns: key value list
+%%--------------------------------------------------------------------
+format_status(_Opt, [_PDict, State]) ->
+    #state{
+        reqs=Reqs,
+        reply_buffer=ReplyBuf,
+        recvd_headers=RCVDHeaders,
+        raw_headers=RawHeaders,
+        chunk_size_buffer=ChunkSizeBuf,
+        cur_req=Request
+    } = State,
+    ScrubbedReq = Request#request{url=url_strip_password(Request#request.url)},
+    Scrubbed = State#state{
+        socks5_user=nil,
+        socks5_password=nil,
+        reqs=queue:len(Reqs),
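
Review bot: the header comment does not match the clause under it. It says `format_status/3` and `Returns: key value list`, but `format_status(_Opt, [_PDict, State])` has arity 2 and the visible body builds a scrubbed `#state{}` record rather than a key-value list. Suggest changing the comment to `format_status/2` and describing the actual return shape, including that `reqs` becomes a length instead of a queue.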

Review comment:
       ya, that could work



