
Remove password from logs.

bbankowski committed Aug 31, 2018
1 parent b061e8a commit dc7a24cb3467adcadf9839956172fc37bd37466d
@@ -16,6 +16,8 @@
class ExceptionLogger
{
const PASSWORD_PLACEHOLDER = '***';
/** @var OuzoExceptionData */
private $exceptionData;
@@ -74,10 +76,10 @@ public function getMessage()
$message .= "\nREQUEST_URI = " . Arrays::getValue($_SERVER, 'REQUEST_URI');
$message .= "\nREDIRECT_URL = " . Arrays::getValue($_SERVER, 'REDIRECT_URL');
if (!empty($_GET)) {
$message .= "\nGET = " . Objects::toString($_GET);
$message .= "\nGET = " . self::sanitize($_GET);
}
if (!empty($_POST)) {
$message .= "\nPOST = " . Objects::toString($_POST);
$message .= "\nPOST = " . self::sanitize($_POST);
}
if (Strings::equalsIgnoreCase(ContentType::value(), 'application/json')) {
$jsonBody = stream_get_contents(fopen('php://input', 'r'));
@@ -87,4 +89,12 @@ public function getMessage()
$message .= "\n------------------------------------------------------------------------------------------------------------------------------------";
return $message;
}
public static function sanitize(array $array)
{
if (isset($array['password'])) {
$array['password'] = self::PASSWORD_PLACEHOLDER;
}
return Objects::toString($array);
}
}
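Review bot: `sanitize()` in the last hunk masks only a top-level key spelled exactly `password`, so a nested field such as `user[password]`, or a variant like `Password` or `new_password`, is still written out by the `GET =` and `POST =` lines. Walking the array recursively and matching the key case-insensitively would cover those; a sketch follows. The unchanged `REQUEST_URI` line above also logs the raw query string, so a password sent as a GET parameter reaches the log regardless of the masking. `getMessage()` continues outside the visible hunks, so it is worth confirming that `$jsonBody` from the `application/json` branch is not appended unmasked.

```php
public static function sanitize(array $array)
{
    return Objects::toString(self::maskPasswords($array));
}

// Replaces the value of every key containing "password" (any case), at any depth.
private static function maskPasswords(array $array)
{
    foreach ($array as $key => $value) {
        if (is_string($key) && stripos($key, 'password') !== false) {
            $array[$key] = self::PASSWORD_PLACEHOLDER;
        } elseif (is_array($value)) {
            $array[$key] = self::maskPasswords($value);
        }
    }
    return $array;
}
```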
@@ -0,0 +1,24 @@
<?php
namespace Ouzo\ExceptionHandling;
use PHPUnit\Framework\TestCase;
class ExceptionLoggerTest extends TestCase
{
/**
* @test
*/
public function shouldNotWritePasswordToLog()
{
// when
$result = ExceptionLogger::sanitize(['login' => 'xxx', 'password' => 'yyy']);
// then
$this->assertEquals('[<login> => "xxx", <password> => "***"]', $result);
var_dump((new \Exception())->getTraceAsString());
}
}
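Review bot: The `var_dump((new \Exception())->getTraceAsString());` after the assertion is leftover debugging output that prints a stack trace on every test run and should be deleted. The test also pins only the flat case with a lower-case `password` key. A case with no `password` key and one with a nested array would record what `sanitize()` is expected to do with those inputs.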
