Strip `access_token` from outgoing requests using existing regex

author: Michael Telatynski <7t3chguy@gmail.com> 2018-06-02 23:25:13 +0100
committer: Michael Telatynski <7t3chguy@gmail.com> 2018-06-02 23:25:13 +0100
commit: 09503126df928d42e7932394b1cbefa4662bd212 (patch)
tree: 35a27d215eff319e728db912beb4576e5439c125 /synapse
parent: Merge pull request #3317 from thegcat/feature/3312-add_ipv6_to_blacklist_exam... (diff)
download: synapse-09503126df928d42e7932394b1cbefa4662bd212.tar.xz
1 files changed, 6 insertions, 1 deletions
diff --git a/synapse/http/client.py b/synapse/http/client.py
index 4d4eee3d64..89db33453b 100644
--- a/synapse/http/client.py
+++ b/synapse/http/client.py
@@ -20,6 +20,7 @@ from synapse.api.errors import (
     CodeMessageException, MatrixCodeMessageException, SynapseError, Codes,
 )
 from synapse.http import cancelled_to_request_timed_out_error
+from synapse.http.site import ACCESS_TOKEN_RE
 from synapse.util.async import add_timeout_to_deferred
 from synapse.util.caches import CACHE_SIZE_FACTOR
 from synapse.util.logcontext import make_deferred_yieldable
@@ -90,7 +91,11 @@ class SimpleHttpClient(object):
         # counters to it
         outgoing_requests_counter.labels(method).inc()
 
-        logger.info("Sending request %s %s", method, uri)
+        # log request but strip `access_token` (AS requests for example include this)
+        logger.info("Sending request %s %s", method, ACCESS_TOKEN_RE.sub(
+            r'\1<redacted>\3',
+            uri
+        ))
 
         try:
             request_deferred = self.agent.request(
author	Michael Telatynski <7t3chguy@gmail.com>	2018-06-02 23:25:13 +0100
committer	Michael Telatynski <7t3chguy@gmail.com>	2018-06-02 23:25:13 +0100
commit	09503126df928d42e7932394b1cbefa4662bd212 (patch)
tree	35a27d215eff319e728db912beb4576e5439c125 /synapse
parent	Merge pull request #3317 from thegcat/feature/3312-add_ipv6_to_blacklist_exam... (diff)
download	synapse-09503126df928d42e7932394b1cbefa4662bd212.tar.xz