[BugFix] Avoid token print in FE log. (#52511)

Signed-off-by: [email protected]
Signed-off-by: xyllq999 <[email protected]>
(cherry picked from commit a0b2d35)

fe/fe-core/src/main/java/com/starrocks/common/util/Util.java

@@ -41,6 +41,7 @@
 import com.starrocks.catalog.Type;
 import com.starrocks.common.AnalysisException;
 import com.starrocks.common.TimeoutException;
+import com.starrocks.http.WebUtils;
 import com.starrocks.qe.ConnectContext;
 import com.starrocks.server.GlobalStateMgr;
 import com.starrocks.sql.analyzer.SemanticException;
@@ -344,8 +345,10 @@ public static String getResultForUrl(String urlStr, String encodedAuthInfo, int
                                          int readTimeoutMs) {
         StringBuilder sb = new StringBuilder();
         InputStream stream = null;
+        String safeUrl = urlStr;
         try {
             URL url = new URL(urlStr);
+            safeUrl = WebUtils.sanitizeHttpReqUri(urlStr);
             URLConnection conn = url.openConnection();
             if (encodedAuthInfo != null) {
                 conn.setRequestProperty("Authorization", "Basic " + encodedAuthInfo);
@@ -361,14 +364,14 @@ public static String getResultForUrl(String urlStr, String encodedAuthInfo, int
                 sb.append(line);
             }
         } catch (Exception e) {
-            LOG.warn("failed to get result from url: {}. {}", urlStr, e.getMessage());
+            LOG.warn("failed to get result from url: {}. {}", safeUrl, e.getMessage());
             return null;
         } finally {
             if (stream != null) {
                 try {
                     stream.close();
                 } catch (IOException e) {
-                    LOG.warn("failed to close stream when get result from url: {}", urlStr, e);
+                    LOG.warn("failed to close stream when get result from url: {}", safeUrl, e);
                 }
             }
         }

fe/fe-core/src/main/java/com/starrocks/http/rest/RestBaseAction.java

@@ -46,6 +46,7 @@
 import com.starrocks.http.BaseRequest;
 import com.starrocks.http.BaseResponse;
 import com.starrocks.http.HttpConnectContext;
+import com.starrocks.http.WebUtils;
 import com.starrocks.privilege.AccessDeniedException;
 import com.starrocks.privilege.AuthorizationMgr;
 import com.starrocks.qe.ConnectContext;
@@ -81,18 +82,20 @@ public RestBaseAction(ActionController controller) {
     @Override
     public void handleRequest(BaseRequest request) {
         BaseResponse response = new BaseResponse();
+        String url = request.getRequest().uri();
         try {
+            url = WebUtils.sanitizeHttpReqUri(request.getRequest().uri());
             execute(request, response);
         } catch (AccessDeniedException accessDeniedException) {
-            LOG.warn("failed to process url: {}", request.getRequest().uri(), accessDeniedException);
+            LOG.warn("failed to process url: {}", url, accessDeniedException);
             response.updateHeader(HttpHeaderNames.WWW_AUTHENTICATE.toString(), "Basic realm=\"\"");
             response.appendContent(new RestBaseResult(getErrorRespWhenUnauthorized(accessDeniedException)).toJson());
             writeResponse(request, response, HttpResponseStatus.UNAUTHORIZED);
         } catch (DdlException e) {
-            LOG.warn("fail to process url: {}", request.getRequest().uri(), e);
+            LOG.warn("fail to process url: {}", url, e);
             sendResult(request, response, new RestBaseResult(e.getMessage()));
         } catch (Exception e) {
-            LOG.warn("fail to process url: {}", request.getRequest().uri(), e);
+            LOG.warn("fail to process url: {}", url, e);
             String msg = e.getMessage();
             if (msg == null) {
                 msg = e.toString();