Slack Webhook URL redacted from debug logs

abdolence · Oct 8, 2022 · 65ef9fa · 65ef9fa
1 parent 65baf50
commit 65ef9fa
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 2 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "slack-morphism"
-version = "1.3.0"
+version = "1.3.1-alpha.0"
 authors = ["Abdulla Abdurakhmanov <me@abdolence.dev>"]
 edition = "2021"
 license = "Apache-2.0"

diff --git a/src/api/webhook.rs b/src/api/webhook.rs
@@ -33,6 +33,7 @@ where
             rate_control_params: Some(&POST_WEBHOOK_SPECIAL_LIMIT_RATE_CTL),
             token: None,
             tracing_span: &http_webhook_span,
+            is_sensitive_url: true,
         };
 
         self.http_api

diff --git a/src/client.rs b/src/client.rs
@@ -52,6 +52,7 @@ pub struct SlackClientApiCallContext<'a> {
     pub rate_control_params: Option<&'a SlackApiMethodRateControlConfig>,
     pub token: Option<&'a SlackApiToken>,
     pub tracing_span: &'a Span,
+    pub is_sensitive_url: bool,
 }
 
 pub trait SlackClientHttpConnector {
@@ -238,6 +239,7 @@ where
             rate_control_params,
             token: Some(self.token),
             tracing_span: &self.span,
+            is_sensitive_url: false,
         };
 
         self.client
@@ -262,6 +264,7 @@ where
             rate_control_params,
             token: Some(self.token),
             tracing_span: &self.span,
+            is_sensitive_url: false,
         };
 
         self.client
@@ -285,6 +288,7 @@ where
             rate_control_params,
             token: Some(self.token),
             tracing_span: &self.span,
+            is_sensitive_url: false,
         };
 
         self.client
@@ -308,6 +312,7 @@ where
             rate_control_params,
             token: Some(self.token),
             tracing_span: &self.span,
+            is_sensitive_url: false,
         };
 
         self.client

diff --git a/src/hyper_tokio/connector.rs b/src/hyper_tokio/connector.rs
@@ -69,7 +69,24 @@ impl<H: 'static + Send + Sync + Clone + connect::Connect> SlackClientHyperConnec
     where
         RS: for<'de> serde::de::Deserialize<'de>,
     {
-        let uri_str = request.uri().to_string();
+        let uri_str = if context.is_sensitive_url {
+            format!(
+                "{}://{}/<redacted>",
+                request
+                    .uri()
+                    .scheme()
+                    .map(|scheme| scheme.to_string())
+                    .unwrap_or_else(|| "unknown-scheme".to_string()),
+                request
+                    .uri()
+                    .host()
+                    .map(|host| host.to_string())
+                    .unwrap_or_else(|| "unknown-host".to_string())
+            )
+        } else {
+            request.uri().to_string()
+        };
+
         context.tracing_span.in_scope(|| {
             debug!(
                 slack_uri = uri_str.as_str(),
@@ -287,6 +304,7 @@ impl<H: 'static + Send + Sync + Clone + connect::Connect> SlackClientHttpConnect
                 rate_control_params: None,
                 token: None,
                 tracing_span: &http_oauth_span,
+                is_sensitive_url: false,
             };
 
             self.send_rate_controlled_request(