Skip to content

uri module set string with masked content into content and json output #68400

Closed
@hungluong5791

Description

@hungluong5791
SUMMARY

uri module set string with masked content into content and json output

ISSUE TYPE
  • Bug Report
COMPONENT NAME

uri

ANSIBLE VERSION
ansible 2.9.0
  config file = None
  configured module search path = ['/Users/hungluong/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/hungluong/Library/Python/3.7/lib/python/site-packages/ansible
  executable location = /Users/hungluong/Library/Python/3.7/bin/ansible
  python version = 3.7.6 (default, Dec 30 2019, 19:38:26) [Clang 11.0.0 (clang-1100.0.33.16)]
CONFIGURATION
N/A
OS / ENVIRONMENT
STEPS TO REPRODUCE
- hosts: localhost
  connection: local
  tasks:
    - name: send request
      uri:
        url: "https://postman-echo.com/get?name=something-with-admin"
        user: admin
        password: admin
        method: GET
        force_basic_auth: yes
        return_content: yes
        status_code: 200
      register: response
    
    - name: extract value
      vars:
        query: args.name
      set_fact:
        value_content: "{{ response.content }}"
        value_content_parsed: "{{ response.content | from_json | json_query(query) }}"
        value_json: "{{ response.json.args.name }}"

    - name: debug
      debug:
        msg:
          - "{{ 'something-with-admin' in value_json }}"
          - "{{ 'something-with-admin' in value_content }}"
          - "{{ 'something-with-admin' in value_content_parsed }}"
          - "{{ 'something-with-********' in value_json }}"
          - "{{ 'something-with-********' in value_content }}"
          - "{{ 'something-with-********' in value_content_parsed }}"
EXPECTED RESULTS

The module should return the json/content value with the correct values

ACTUAL RESULTS

The module seems to apply sensitive info masking ('********') to value matching username/password in its output

"msg": [
        false,
        false,
        false,
        true,
        false,
        true
    ]

Metadata

Metadata

Assignees

No one assigned

    Labels

    P3Priority 3 - Approved, No Time Limitationaffects_2.9This issue/PR affects Ansible v2.9bugThis issue/PR relates to a bug.easyfixThis issue is considered easy to fix by aspiring contributors.moduleThis issue/PR relates to a module.net_toolsNet-tools categorysupport:coreThis issue/PR relates to code supported by the Ansible Engineering Team.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions