Skip to content
Permalink
Browse files

Merge pull request #644 from charmander/reduced-sentry-capture

Filter alternative sources of sensitive information out of Sentry events

Reviewed-by: Kyra Kitsune <kfkitsune@users.noreply.github.com>
  • Loading branch information...
charmander committed Oct 27, 2019
2 parents 782c167 + 070f284 commit a5df9a426e45fc3b893cf656d4a44be5cbcc7f81
Showing with 17 additions and 2 deletions.
  1. +17 −2 weasyl/middleware.py
@@ -382,8 +382,23 @@ def filter_http(self, data):
if 'headers' in data and 'Cookie' in data['headers']:
data['headers']['Cookie'] = self._filter_header(data['headers']['Cookie'])

if 'env' in data and 'HTTP_COOKIE' in data['env']:
data['env']['HTTP_COOKIE'] = self._filter_header(data['env']['HTTP_COOKIE'])
env = data.get('env')

if env is not None:
if 'HTTP_COOKIE' in env:
env['HTTP_COOKIE'] = self._filter_header(env['HTTP_COOKIE'])

# WebOb cache, like:
# - webob._parsed_query_vars
# - webob._body_file
# - webob._parsed_post_vars
# - webob._parsed_cookies
# These mostly just repeat information that can be found elsewhere,
# so they’re removed rather than filtered.
remove_keys = [key for key in env if key.startswith('webob._')]
for key in remove_keys:
del env[key]



class URLSchemeFixingMiddleware(object):

0 comments on commit a5df9a4

Please sign in to comment.
You can’t perform that action at this time.