Skip to content

Commit

Permalink
feat: sanitize headers when logged
Browse files Browse the repository at this point in the history
  • Loading branch information
aviadatsnyk committed Dec 7, 2017
1 parent a8aff69 commit d10fb9e
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 0 deletions.
14 changes: 14 additions & 0 deletions lib/log.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
const bunyan = require('bunyan');
const escapeRegExp = require('lodash.escaperegexp');
const mapValues = require('lodash.mapvalues');
const config = require('./config');

const sanitiseConfigVariable = (raw, variable) =>
Expand Down Expand Up @@ -37,12 +38,25 @@ function sanitise(raw) {
return raw;
}

function sanitiseObject(obj) {
return mapValues(obj, v => sanitise(v));
}

function sanitiseHeaders(headers) {
const hdrs = JSON.parse(JSON.stringify(headers));
if (hdrs.authorization) {
hdrs.authorization = 'AUTHORIZATION';
}
return sanitiseObject(hdrs);
}

const log = bunyan.createLogger({
name: 'snyk-broker',
serializers: {
token: sanitise,
result: sanitise,
url: sanitise,
headers: sanitiseHeaders,
},
});

Expand Down
1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@
"express": "^4.14.0",
"js-yaml": "^3.6.1",
"lodash.escaperegexp": "^4.1.2",
"lodash.mapvalues": "^4.6.0",
"minimatch": "^3.0.4",
"path-to-regexp": "^1.5.3",
"primus": "^6.0.1",
Expand Down

0 comments on commit d10fb9e

Please sign in to comment.