Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-19 09:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize log entries in logging package

Browse Source
This commit is contained in:
Mariano Cano 2022-08-11 17:44:31 -07:00
parent b62f4d1000
commit 90d2785776
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
logging/handler.go
View File

@ -5,6 +5,7 @@ import (
"net/http"
"os"
"strconv"
"strings"
"time"
"github.com/sirupsen/logrus"
@ -78,7 +79,7 @@ func (l *LoggerHandler) writeEntry(w ResponseLogger, r *http.Request, t time.Tim
uri = r.Host
}
if uri == "" {
uri = r.URL.RequestURI()
uri = sanitizeLogEntry(r.URL.RequestURI())
}
status := w.StatusCode()
@ -96,8 +97,8 @@ func (l *LoggerHandler) writeEntry(w ResponseLogger, r *http.Request, t time.Tim
"protocol": r.Proto,
"status": status,
"size": w.Size(),
"referer": r.Referer(),
"user-agent": r.UserAgent(),
"referer": sanitizeLogEntry(r.Referer()),
"user-agent": sanitizeLogEntry(r.UserAgent()),
}
for k, v := range w.Fields() {
@ -117,3 +118,8 @@ func (l *LoggerHandler) writeEntry(w ResponseLogger, r *http.Request, t time.Tim
l.logger.WithFields(fields).Error()
}
}
func sanitizeLogEntry(s string) string {
escaped := strings.Replace(s, "\n", "", -1)
return strings.Replace(escaped, "\r", "", -1)
}