Fix authority redaction (#1424)
denrase authored May 9, 2023
1 parent 895becc commit 8cb6557
Showing 3 changed files with 16 additions and 18 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -5,6 +5,7 @@
### Fixes

- Fix `event.origin` and `event.environment` on unhandled exceptions ([#1419](https://github.com/getsentry/sentry-dart/pull/1419))
- Fix authority redaction ([#1424](https://github.com/getsentry/sentry-dart/pull/1424))

### Dependencies

23 changes: 5 additions & 18 deletions dart/lib/src/utils/http_sanitizer.dart
Expand Up @@ -5,7 +5,6 @@ import 'url_details.dart';

@internal
class HttpSanitizer {
static final RegExp _authRegExp = RegExp("(.+://)(.*@)(.*)");
static final List<String> _securityHeaders = [
"X-FORWARDED-FOR",
"AUTHORIZATION",
Expand Down Expand Up @@ -36,9 +35,9 @@ class HttpSanitizer {
} else {
try {
final uri = Uri.parse(url);
final urlWithAuthRemoved = _urlWithAuthRemoved(uri._url());
final urlWithRedactedAuth = uri._urlWithRedactedAuth();
return UrlDetails(
url: urlWithAuthRemoved.isEmpty ? null : urlWithAuthRemoved,
url: urlWithRedactedAuth.isEmpty ? null : urlWithRedactedAuth,
query: uri.query.isEmpty ? null : uri.query,
fragment: uri.fragment.isEmpty ? null : uri.fragment);
} catch (_) {
Expand All @@ -59,29 +58,17 @@ class HttpSanitizer {
});
return sanitizedHeaders;
}

static String _urlWithAuthRemoved(String url) {
final userInfoMatch = _authRegExp.firstMatch(url);
if (userInfoMatch != null && userInfoMatch.groupCount == 3) {
final userInfoString = userInfoMatch.group(2) ?? '';
final replacementString = userInfoString.contains(":")
? "[Filtered]:[Filtered]@"
: "[Filtered]@";
return '${userInfoMatch.group(1) ?? ''}$replacementString${userInfoMatch.group(3) ?? ''}';
} else {
return url;
}
}
}

extension UriPath on Uri {
String _url() {
String _urlWithRedactedAuth() {
var buffer = '';
if (scheme.isNotEmpty) {
buffer += '$scheme://';
}
if (userInfo.isNotEmpty) {
buffer += '$userInfo@';
buffer +=
userInfo.contains(":") ? "[Filtered]:[Filtered]@" : "[Filtered]@";
}
buffer += host;
if (path.isNotEmpty) {
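Review bot: In `_urlWithRedactedAuth`, redaction now depends entirely on `Uri.parse` reporting a non-empty `userInfo`, so any input whose credentials are not parsed as userinfo would pass through unredacted. A scheme-less string such as `user:secret@host/path` (constructed example) is, as far as I can tell, parsed with `user` as the scheme and the remainder as path; the removed regex ran on the rebuilt string and would still have replaced the part before the `@`. If such inputs can reach `sanitizeUrl`, a test pinning the expected result for that form would settle it, and a doc comment on the method such as `/// Rebuilds the URL with userInfo replaced by [Filtered]; an '@' outside the authority is kept.` would record why the regex was dropped. The method body continues past the end of the hunk, so how path and port are appended is not visible here.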
10 changes: 10 additions & 0 deletions dart/test/utils/http_sanitizer_test.dart
Expand Up @@ -170,6 +170,16 @@ void main() {
final details = HttpSanitizer.sanitizeUrl('::Not valid URI::');
expect(details, isNull);
});

test('keeps email address', () {
final urlDetails = HttpSanitizer.sanitizeUrl(
"https://staging.server.com/api/v4/auth/password/reset/email@example.com");
expect(
"https://staging.server.com/api/v4/auth/password/reset/email@example.com",
urlDetails?.url);
expect(urlDetails?.query, isNull);
expect(urlDetails?.fragment, isNull);
});
}

extension StringExtension on String {
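Review bot: The URL assertion in 'keeps email address' passes the expected literal as the first argument and `urlDetails?.url` as the matcher, so a failure would report expected and actual the wrong way round; `expect(urlDetails?.url, "https://staging.server.com/api/v4/auth/password/reset/email@example.com");` matches the `expect(details, isNull)` form used just above. The new test also covers only a URL with no userinfo; a companion case with credentials in the authority and an `@` in the path would show that the credentials become `[Filtered]` while the path is kept. `main()` starts outside this hunk.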
