Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd835031

Browse files
committed
be explicit about which fields we want to log as opposed to which we
want to denySigned-off-by: Callum Styan <callumstyan@gmail.com>
1 parent45852df commitd835031

File tree

2 files changed

+46
-24
lines changed

2 files changed

+46
-24
lines changed

‎coderd/httpmw/loggermw/logger.go‎

Lines changed: 32 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ import (
55
"fmt"
66
"net/http"
77
"net/url"
8+
"strconv"
89
"strings"
910
"sync"
1011
"time"
@@ -17,7 +18,8 @@ import (
1718
"github.com/coder/coder/v2/coderd/tracing"
1819
)
1920

20-
varsensitivePatterns= []string{"code","token","key","secret","password","auth","credential","api_key"}
21+
varsafeParams= []string{"page","limit","offset"}
22+
varcountParams= []string{"ids","template_ids"}
2123

2224
funcsafeQueryParams(params url.Values) []slog.Field {
2325
iflen(params)==0 {
@@ -26,25 +28,42 @@ func safeQueryParams(params url.Values) []slog.Field {
2628

2729
fields:=make([]slog.Field,0,len(params))
2830
forkey,values:=rangeparams {
29-
sensitive:=false
30-
31-
// Check if this parameter should be redacted
32-
for_,pattern:=rangesensitivePatterns {
33-
ifstrings.Contains(strings.ToLower(key),pattern) {
34-
sensitive=true
31+
// Check if this parameter should be included
32+
for_,pattern:=rangesafeParams {
33+
ifstrings.EqualFold(key,pattern) {
34+
// Prepend query parameters in the log line to ensure we don't have issues with collisions
35+
// in case any other internal logging fields already log fields with similar names
36+
fieldName:="query_"+key
37+
38+
// Log the actual values for non-sensitive parameters
39+
iflen(values)==1 {
40+
fields=append(fields,slog.F(fieldName,values[0]))
41+
continue
42+
}
43+
fields=append(fields,slog.F(fieldName,values))
3544
}
3645
}
37-
if!sensitive {
46+
// Some query params we just want to log the count of the params length
47+
for_,pattern:=rangecountParams {
48+
if!strings.EqualFold(key,pattern) {
49+
continue
50+
}
51+
count:=0
52+
3853
// Prepend query parameters in the log line to ensure we don't have issues with collisions
3954
// in case any other internal logging fields already log fields with similar names
4055
fieldName:="query_"+key
4156

42-
// Log the actual values for non-sensitive parameters
43-
iflen(values)==1 {
44-
fields=append(fields,slog.F(fieldName,values[0]))
45-
continue
57+
// Count comma-separated values for CSV format
58+
for_,v:=rangevalues {
59+
ifstrings.Contains(v,",") {
60+
count+=len(strings.Split(v,","))
61+
continue
62+
}
63+
count++
4664
}
47-
fields=append(fields,slog.F(fieldName,values))
65+
// For logging we always want strings
66+
fields=append(fields,slog.F(fieldName+"_count",strconv.Itoa(count)))
4867
}
4968
}
5069
returnfields

‎coderd/httpmw/loggermw/logger_internal_test.go‎

Lines changed: 14 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -304,20 +304,24 @@ func TestSafeQueryParams(t *testing.T) {
304304
{
305305
name:"safe parameters",
306306
params: url.Values{
307-
"page": []string{"1"},
308-
"limit": []string{"10"},
309-
"filter": []string{"active"},
310-
"sort": []string{"name"},
307+
"page": []string{"1"},
308+
"limit": []string{"10"},
309+
"filter": []string{"active"},
310+
"sort": []string{"name"},
311+
"offset": []string{"2"},
312+
"ids": []string{"some-id,another-id","second-param"},
313+
"template_ids": []string{"some-id,another-id","second-param"},
311314
},
312315
expected:map[string]interface{}{
313-
"query_page":"1",
314-
"query_limit":"10",
315-
"query_filter":"active",
316-
"query_sort":"name",
316+
"query_page":"1",
317+
"query_limit":"10",
318+
"query_offset":"2",
319+
"query_ids_count":"3",
320+
"query_template_ids_count":"3",
317321
},
318322
},
319323
{
320-
name:"sensitive parameters",
324+
name:"unknown/sensitive parameters",
321325
params: url.Values{
322326
"token": []string{"secret-token"},
323327
"api_key": []string{"secret-key"},
@@ -336,8 +340,7 @@ func TestSafeQueryParams(t *testing.T) {
336340
"filter": []string{"active"},
337341
},
338342
expected:map[string]interface{}{
339-
"query_page":"1",
340-
"query_filter":"active",
343+
"query_page":"1",
341344
},
342345
},
343346
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp