factor out uri redaction into a method on http

author: Michael Telatynski <7t3chguy@gmail.com> 2018-06-05 18:31:40 +0100
committer: Michael Telatynski <7t3chguy@gmail.com> 2018-06-05 18:31:40 +0100
commit: e6cbf47773472e6e3dd1884bb0376d3d66a37433 (patch)
tree: c858afd3cf93aaf0f25898c0eaec9a396e619c2e /synapse/http/__init__.py
parent: Strip `access_token` from outgoing requests using existing regex (diff)
download: synapse-e6cbf47773472e6e3dd1884bb0376d3d66a37433.tar.xz
1 files changed, 13 insertions, 0 deletions
diff --git a/synapse/http/__init__.py b/synapse/http/__init__.py
index 054372e179..58ef8d3ce4 100644
--- a/synapse/http/__init__.py
+++ b/synapse/http/__init__.py
@@ -13,6 +13,8 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+import re
+
 from twisted.internet.defer import CancelledError
 from twisted.python import failure
 
@@ -34,3 +36,14 @@ def cancelled_to_request_timed_out_error(value, timeout):
         value.trap(CancelledError)
         raise RequestTimedOutError()
     return value
+
+
+ACCESS_TOKEN_RE = re.compile(br'(\?.*access(_|%5[Ff])token=)[^&]*(.*)$')
+
+
+def redact_uri(uri):
+    """Strips access tokens from the uri replaces with <redacted>"""
+    return ACCESS_TOKEN_RE.sub(
+        br'\1<redacted>\3',
+        uri
+    )
author	Michael Telatynski <7t3chguy@gmail.com>	2018-06-05 18:31:40 +0100
committer	Michael Telatynski <7t3chguy@gmail.com>	2018-06-05 18:31:40 +0100
commit	e6cbf47773472e6e3dd1884bb0376d3d66a37433 (patch)
tree	c858afd3cf93aaf0f25898c0eaec9a396e619c2e /synapse/http/__init__.py
parent	Strip `access_token` from outgoing requests using existing regex (diff)
download	synapse-e6cbf47773472e6e3dd1884bb0376d3d66a37433.tar.xz