YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Smarter regex to avoid redacting all --key=stuff when using setting helpers for example

Browse source
This commit is contained in:
Alexandre Aubin 2019-10-16 18:59:23 +02:00 committed by GitHub
parent a0febb0b21
commit d9990cd818
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/yunohost/log.py
View file

@ -315,7 +315,8 @@ class RedactingFormatter(Formatter):
try:
# This matches stuff like db_pwd=the_secret or admin_password=other_secret
# (the secret part being at least 3 chars to avoid catching some lines like just "db_pwd=")
match = re.search(r'(pwd|pass|password|secret|key|token)=(\S{3,})$', record.strip())
# For 'key', we require to at least have one word char [a-zA-Z0-9_] before it to avoid catching "--key" used in many helpers
match = re.search(r'(pwd|pass|password|secret|\wkey|token)=(\S{3,})$', record.strip())
if match and match.group(2) not in self.data_to_redact:
self.data_to_redact.append(match.group(2))
except Exception as e: