Merge pull request #477 from matrix-org/erikj/access_token_log

Don't log urlencoded access_tokens
This commit is contained in:
Erik Johnston 2016-01-19 14:28:29 +00:00
commit 7a079adc8f

View File

@ -88,6 +88,9 @@ import time
logger = logging.getLogger("synapse.app.homeserver") logger = logging.getLogger("synapse.app.homeserver")
ACCESS_TOKEN_RE = re.compile(r'(\?.*access(_|%5[Ff])token=)[^&]*(.*)$')
def gz_wrap(r): def gz_wrap(r):
return EncodingResourceWrapper(r, [GzipEncoderFactory()]) return EncodingResourceWrapper(r, [GzipEncoderFactory()])
@ -495,9 +498,8 @@ class SynapseRequest(Request):
) )
def get_redacted_uri(self): def get_redacted_uri(self):
return re.sub( return ACCESS_TOKEN_RE.sub(
r'(\?.*access_token=)[^&]*(.*)$', r'\1<redacted>\3',
r'\1<redacted>\2',
self.uri self.uri
) )