We use cookies to ensure you get the best experience on our website
Home Esplora Aiuto
Registrati Accedi
0ct0pu5
/
moby
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

DebugRequestMiddleware: Remove path handling

Path-specific rules were removed, so this is no longer used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 530e63c1a61b105a6f7fc143c5acb9b5cd87f958)
Signed-off-by: Tibor Vass <tibor@docker.com>
Sebastiaan van Stijn 6 anni fa
parent
73db8c77bf
commit
f8a0f26843
2 ha cambiato i file con 8 aggiunte e 50 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 4 12
      api/server/middleware/debug.go
  2. 4 38
      api/server/middleware/debug_test.go

+ 4 - 12
api/server/middleware/debug.go
Vedi File 

@@ -41,7 +41,7 @@ func DebugRequestMiddleware(handler func(ctx context.Context, w http.ResponseWri
 
 
 		var postForm map[string]interface{}
 
 		if err := json.Unmarshal(b, &postForm); err == nil {
 
-			maskSecretKeys(postForm, r.RequestURI)
 
+			maskSecretKeys(postForm)
 
 			formStr, errMarshal := json.Marshal(postForm)
 
 			if errMarshal == nil {
 
 				logrus.Debugf("form data: %s", string(formStr))
 
@@ -54,18 +54,10 @@ func DebugRequestMiddleware(handler func(ctx context.Context, w http.ResponseWri
 
 	}
 
 }
 
 
-func maskSecretKeys(inp interface{}, path string) {
 
-	// Remove any query string from the path
 
-	idx := strings.Index(path, "?")
 
-	if idx != -1 {
 
-		path = path[:idx]
 
-	}
 
-	// Remove trailing / characters
 
-	path = strings.TrimRight(path, "/")
 
-
 
+func maskSecretKeys(inp interface{}) {
 
 	if arr, ok := inp.([]interface{}); ok {
 
 		for _, f := range arr {
 
-			maskSecretKeys(f, path)
 
+			maskSecretKeys(f)
 
 		}
 
 		return
 
 	}
 
@@ -92,7 +84,7 @@ func maskSecretKeys(inp interface{}, path string) {
 
 					continue loop0
 
 				}
 
 			}
 
-			maskSecretKeys(v, path)
 
+			maskSecretKeys(v)
 
 		}
 
 	}
 
 }

+ 4 - 38
api/server/middleware/debug_test.go
Vedi File 

@@ -10,49 +10,16 @@ import (
 
 func TestMaskSecretKeys(t *testing.T) {
 
 	tests := []struct {
 
 		doc      string
 
-		path     string
 
 		input    map[string]interface{}
 
 		expected map[string]interface{}
 
 	}{
 
 		{
 
-			doc:      "secret create with API version",
 
-			path:     "/v1.30/secrets/create",
 
+			doc:      "secret/config create and update requests",
 
 			input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
 
 			expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
 
 		},
 
 		{
 
-			doc:      "secret create with API version and trailing slashes",
 
-			path:     "/v1.30/secrets/create//",
 
-			input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
 
-			expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
 
-		},
 
-		{
 
-			doc:      "secret create with query param",
 
-			path:     "/secrets/create?key=val",
 
-			input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
 
-			expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
 
-		},
 
-		{
 
-			doc:      "secret update with API version",
 
-			path:     "/v1.30/secrets/mysecret/update",
 
-			input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
 
-			expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
 
-		},
 
-		{
 
-			doc:      "secret update with API version and trailing slashes",
 
-			path:     "/v1.30/secrets/mysecret/update//",
 
-			input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
 
-			expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
 
-		},
 
-		{
 
-			doc:      "secret update with query parameter",
 
-			path:     "/secrets/mysecret/update?version=34",
 
-			input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
 
-			expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
 
-		},
 
-		{
 
-			doc:  "other paths with API version",
 
-			path: "/v1.30/some/other/path",
 
+			doc: "masking other fields (recursively)",
 
 			input: map[string]interface{}{
 
 				"password":     "pass",
 
 				"secret":       "secret",
 
@@ -83,8 +50,7 @@ func TestMaskSecretKeys(t *testing.T) {
 
 			},
 
 		},
 
 		{
 
-			doc:  "other paths with API version case insensitive",
 
-			path: "/v1.30/some/other/path",
 
+			doc: "case insensitive field matching",
 
 			input: map[string]interface{}{
 
 				"PASSWORD": "pass",
 
 				"other": map[string]interface{}{
 
@@ -102,7 +68,7 @@ func TestMaskSecretKeys(t *testing.T) {
 
 
 	for _, testcase := range tests {
 
 		t.Run(testcase.doc, func(t *testing.T) {
 
-			maskSecretKeys(testcase.input, testcase.path)
 
+			maskSecretKeys(testcase.input)
 
 			assert.Check(t, is.DeepEqual(testcase.expected, testcase.input))
 
 		})
 
 	}

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5