-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent 'p' parameter of OPTIONS requests being logged. #3686
Conversation
98e0faa
to
71c1a7f
Compare
[X] CHANGELOG.md updated AFAICT the tests do pass. I did see what looked to be spurious failures of the circle-ci tests initiated by the PR, but these failures appeared unrelated to my changes and appear to have been fixed subsequently by mechanisms unknown. |
The big downside of this approach is that @jonseymour I think it would make sense to keep the
|
@gunnaraasen If I keep the OPTIONS check in the CORS handler, the serveOptions method won't get invoked (because of the early return) and hence redaction won't occur. Would it make more sense to move the redaction logic into the logging handler so that redaction is independent of whether authentication is enabled or not and also which path the request took to get to the logging path? |
Previously password redaction only occurred inside the authentication handler and the authentication handler is not on the request path for OPTIONS requests and, in any case, would not be invoked because of an early return on OPTIONS requests by the CORS handler. Now, we change the response logger to explictly replace any occurrence of the 'p' parameter from the query string with '[REDACTED]' prior to logging the response. Signed-off-by: Jon Seymour <jon@wildducktheories.com>
71c1a7f
to
3e00b34
Compare
Thanks @jonseymour. I agree, moving the redaction code to the logger is a better approach. Can you also remove the old sanitizing code in |
We now redact the credentials in the logger, so the function implemented by the deleted lines now seems redudndant. Signed-off-by: Jon Seymour <jon@wildducktheories.com>
Signed-off-by: Jon Seymour <jon@wildducktheories.com>
3e00b34
to
bdce79f
Compare
@gunnaraasen Sure. See 1d5ff55. |
👍 |
Prevent 'p' parameter of OPTIONS requests being logged.
Previously, OPTIONS requests were logged without passwords being redacted.
This occurred because password redaction is performed by the authentication
handler and a) the serveOptions handler did not have the parameter
that forces the authentication handler to be put on the request path and b)
the CORS handler returns early for OPTIONS requests
before the authentication handler is invoked.
With this commit, OPTIONS requests are also subject to the authentication handler
and the responsibility for the early return on OPTIONS request is moved from
the CORS handler to the authentication handler.
Signed-off-by: Jon Seymour jon@wildducktheories.com