Permalink
Browse files

Blacklisted parameters are filtered for sensitive data

  • Loading branch information...
1 parent 0dd5903 commit ac50732ad00027a14fdfb82e7c2168159ae43b6c @snikch snikch committed Oct 9, 2011
Showing with 37 additions and 3 deletions.
  1. +37 −3 Services/Airbrake.php
View
@@ -23,6 +23,7 @@ class Services_Airbrake
protected $file;
protected $line;
protected $trace;
+ protected static $blacklist = false;
/**
* Report E_STRICT
@@ -64,6 +65,18 @@ public static function installHandlers($apiKey=NULL, $environment=NULL, $client=
}
/**
+ * Adds a list of parameters that should be
+ * filtered before sending to Airbrake
+ * @return array
+ * @author Mal Curtis
+ */
+
+ public static function setBlacklist($array)
+ {
+ self::$blacklist = $array;
+ }
+
+ /**
* Hook's this notifier to PHP error and exception handlers
* @return void
* @author Rich Cavanaugh
@@ -284,7 +297,28 @@ function addXmlBacktrace($parent)
* @author Scott Woods
**/
function params() {
- return $_REQUEST;
+ return $this->clean_params($_REQUEST);
+ }
+
+ /**
+ * clean_params
+ * Filters the $_REQUEST array for sensitive data
+ * @return array
+ * @author Mal Curtis
+ **/
+ protected function clean_params($params)
+ {
+ if(!self::$blacklist) return $params;
+
+ foreach ($params as $key => $value) {
+ if(preg_match("/(" . implode(")|(", self::$blacklist) . ")/i", $key)) {
+ $params[$key] = '[FILTERED]';
+ }else if(is_array($value)){
+ $params[$key] = $this->clean_params($value);
+ }
+ }
+
+ return $params;
}
/**
@@ -303,9 +337,9 @@ function session() {
**/
function cgi_data() {
if (isset($_ENV) && !empty($_ENV)) {
- return array_merge($_SERVER, $_ENV);
+ return $this->clean_params(array_merge($_SERVER, $_ENV));
}
- return $_SERVER;
+ return $this->clean_params($_SERVER);
}
/**

0 comments on commit ac50732

Please sign in to comment.