New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[httplib, requests] Sanitize urls in span metadata #688
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks fine, but would you be able to add some test cases for ensuring this works?
Also can we add a test case for the requests
integration as well, I want to make sure that requests.get('https://.../?query=string')
does not leak as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we also want to have a test case for requests
in here: https://github.com/DataDog/dd-trace-py/blob/master/tests/contrib/requests/test_requests.py
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
very very minor things. otherwise this is good to go
@@ -55,6 +53,15 @@ def _wrap_request(func, instance, args, kwargs): | |||
url = kwargs.get('url') or args[1] | |||
headers = kwargs.get('headers', {}) | |||
parsed_uri = parse.urlparse(url) | |||
# sanitize url of query | |||
sanitized_url = parse.urlunparse(( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
I was originally thinking just parsed_uri.path
or something, but this is much better.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
might need to update from |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
* [httplib] Strip all but path from url * [httplib] Fix tests * [requests] Sanitize url * [httplib] Add comment * Correct comment * Make httlib and requests consistent
Use
urlparse
in Python 2 and Python 3 standard library to only set the path (without parameters and query string) in thehttp.url
metadata.