Commit efaddbca authored by Tomasz Maczukin's avatar Tomasz Maczukin 🌴

Filter content of X-AMX-Credential from logs

parent e3735fa8
......@@ -4,7 +4,7 @@ import (
"regexp"
)
var scrubRegexp = regexp.MustCompile(`(?im)([\?&]((?:private|authenticity|rss)[\-_]token)|X-AMZ-Signature)=[^& ]*`)
var scrubRegexp = regexp.MustCompile(`(?im)([\?&]((?:private|authenticity|rss)[\-_]token)|X-AMZ-Signature|X-AMZ-Credential)=[^& ]*`)
// ScrubSecrets replaces the content of any sensitive query string parameters
// in an URL with `[FILTERED]`
......
......@@ -13,6 +13,7 @@ func TestScrubSecrets(t *testing.T) {
}{
{input: "Get http://localhost/?id=123", output: "Get http://localhost/?id=123"},
{input: "Get http://localhost/?id=123&X-Amz-Signature=abcd1234&private_token=abcd1234", output: "Get http://localhost/?id=123&X-Amz-Signature=[FILTERED]&private_token=[FILTERED]"},
{input: "Get http://localhost/?id=123&X-Amz-Credential=ABCDEF123456%2F20180920%2Fus-east-1%2Fs3%2Faws4_request", output: "Get http://localhost/?id=123&X-Amz-Credential=[FILTERED]"},
{input: "Get http://localhost/?private_token=abcd1234 test", output: "Get http://localhost/?private_token=[FILTERED] test"},
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment