aniani/toot
1
0
Fork 0
mirror of https://github.com/ihabunek/toot.git synced 2024-11-03 04:17:21 -05:00
Code

Censor authorization header value in logs

Browse Source
This commit is contained in:
Ivan Habunek 2020-05-11 12:46:27 +02:00
parent bc96cf7eea
commit ad96143ee0
No known key found for this signature in database
GPG Key ID: CDBD63C43A30BB95
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
toot/logging.py
View File

@ -3,11 +3,21 @@ from logging import getLogger
logger = getLogger('toot') logger = getLogger('toot')
def censor_secrets(headers):
def _censor(k, v):
if k == "Authorization":
return (k, "***CENSORED***")
return k, v
return {_censor(k, v) for k, v in headers.items()}
def log_request(request): def log_request(request):
logger.debug(">>> \033[32m{} {}\033[0m".format(request.method, request.url)) logger.debug(">>> \033[32m{} {}\033[0m".format(request.method, request.url))
if request.headers: if request.headers:
logger.debug(">>> HEADERS: \033[33m{}\033[0m".format(request.headers)) headers = censor_secrets(request.headers)
logger.debug(">>> HEADERS: \033[33m{}\033[0m".format(headers))
if request.data: if request.data:
logger.debug(">>> DATA: \033[33m{}\033[0m".format(request.data)) logger.debug(">>> DATA: \033[33m{}\033[0m".format(request.data))