Commit 73ba801b authored by Kamil Trzciński's avatar Kamil Trzciński 🔴

Merge branch '3596-extend-scrub-secrets-with-amz-credential' into 'master'

Filter content of X-AMX-Credential from logs

Closes #3596

See merge request !1028
parents 8a685d21 efaddbca
Pipeline #31015696 passed with stages
in 46 minutes and 33 seconds
......@@ -4,7 +4,7 @@ import (
"regexp"
)
var scrubRegexp = regexp.MustCompile(`(?im)([\?&]((?:private|authenticity|rss)[\-_]token)|X-AMZ-Signature)=[^& ]*`)
var scrubRegexp = regexp.MustCompile(`(?im)([\?&]((?:private|authenticity|rss)[\-_]token)|X-AMZ-Signature|X-AMZ-Credential)=[^& ]*`)
// ScrubSecrets replaces the content of any sensitive query string parameters
// in an URL with `[FILTERED]`
......
......@@ -13,6 +13,7 @@ func TestScrubSecrets(t *testing.T) {
}{
{input: "Get http://localhost/?id=123", output: "Get http://localhost/?id=123"},
{input: "Get http://localhost/?id=123&X-Amz-Signature=abcd1234&private_token=abcd1234", output: "Get http://localhost/?id=123&X-Amz-Signature=[FILTERED]&private_token=[FILTERED]"},
{input: "Get http://localhost/?id=123&X-Amz-Credential=ABCDEF123456%2F20180920%2Fus-east-1%2Fs3%2Faws4_request", output: "Get http://localhost/?id=123&X-Amz-Credential=[FILTERED]"},
{input: "Get http://localhost/?private_token=abcd1234 test", output: "Get http://localhost/?private_token=[FILTERED] test"},
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment