Application Service tokens appear plain text in logs

[turt2live]

2017-07-30 08:13:13,341 - synapse.http.client - 96 - INFO - PUT-857- Sending request PUT http://localhost:9004/transactions/396191?access_token=THE_REAL_TOKEN_HERE
2017-07-30 08:13:14,417 - synapse.http.client - 96 - INFO - PUT-1865- Sending request PUT http://localhost:9004/transactions/396192?access_token=THE_REAL_TOKEN_HERE

Note: I've self-redacted the tokens in the snippet above

[ara4n]

fixed by #2521

[turt2live]

not fixed by #2521 because the request is outgoing.

Updated OP to include a bounty.

[pmg1991]

@turt2live instead of filtering inside code we should use python's logging filter. I've created a fork and used implemented a way to filtering based on patterns here pmg1991@2f652f2
It will work for both incoming and outgoing or anything that contains predefined regex patterns.
If it is good to go i'll raise a PR.

[turt2live]

I wouldn't know if it's good or not. I recommend opening a PR so the team can review it.

[pmg1991]

@turt2live PR raised #3230

[t3chguy]

@turt2live additional fixes in #3349

[turt2live]

@t3chguy Looks good! Thanks for fixing.

Feel free to submit a claim for the bounty, assuming there's no concerns from the NV side (otherwise I'll redirect the bounty elsewhere).

[t3chguy]

I don't think there'd be concerns RE NV but will check with immediate superior as I did not do this during my chargeable hours and thus did it as part of community