forked from getsentry/raven-python
-
Notifications
You must be signed in to change notification settings - Fork 0
/
processors.py
105 lines (80 loc) · 2.91 KB
/
processors.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
"""
raven.core.processors
~~~~~~~~~~~~~~~~~~~~~
:copyright: (c) 2010 by the Sentry Team, see AUTHORS for more details.
:license: BSD, see LICENSE for more details.
"""
import re
from raven.utils import varmap
class Processor(object):
def __init__(self, client):
self.client = client
def get_data(self, data, **kwargs):
return
def process(self, data, **kwargs):
resp = self.get_data(data, **kwargs)
if resp:
data = resp
return data
class RemovePostDataProcessor(Processor):
"""
Removes HTTP post data.
"""
def process(self, data, **kwargs):
if 'sentry.interfaces.Http' in data:
data['sentry.interfaces.Http'].pop('data', None)
return data
class RemoveStackLocalsProcessor(Processor):
"""
Removes local context variables from stacktraces.
"""
def process(self, data, **kwargs):
if 'sentry.interfaces.Stacktrace' in data:
for frame in data['sentry.interfaces.Stacktrace'].get('frames', []):
frame.pop('vars', None)
return data
class SanitizePasswordsProcessor(Processor):
"""
Asterisk out passwords from password fields in frames, http,
and basic extra data.
"""
MASK = '*' * 8
FIELDS = frozenset(['password', 'secret', 'passwd'])
VALUES_RE = re.compile(r'^\d{16}$')
def sanitize(self, key, value):
if value is None:
return
if isinstance(value, basestring) and self.VALUES_RE.match(value):
return self.MASK
if not key: # key can be a NoneType
return value
key = key.lower()
for field in self.FIELDS:
if field in key:
# store mask as a fixed length for security
return self.MASK
return value
def filter_stacktrace(self, data):
if 'frames' not in data:
return
for frame in data['frames']:
if 'vars' not in frame:
continue
frame['vars'] = varmap(self.sanitize, frame['vars'])
def filter_http(self, data):
for n in ('data', 'cookies', 'headers', 'env', 'query_string'):
if n not in data:
continue
if isinstance(data[n], basestring) and '=' in data[n]:
# at this point we've assumed it's a standard HTTP query
querystring = [c.split('=') for c in data[n].split('&')]
querystring = [(k, self.sanitize(k, v)) for k, v in querystring]
data[n] = '&'.join('='.join(k) for k in querystring)
else:
data[n] = varmap(self.sanitize, data[n])
def process(self, data, **kwargs):
if 'sentry.interfaces.Stacktrace' in data:
self.filter_stacktrace(data['sentry.interfaces.Stacktrace'])
if 'sentry.interfaces.Http' in data:
self.filter_http(data['sentry.interfaces.Http'])
return data