Don't log passwords on dav exceptions
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
5f0932a5a7
commit
79f6773ef9
|
@ -94,26 +94,9 @@ class ExceptionLoggerPlugin extends \Sabre\DAV\ServerPlugin {
|
||||||
$level = \OCP\Util::DEBUG;
|
$level = \OCP\Util::DEBUG;
|
||||||
}
|
}
|
||||||
|
|
||||||
$message = $ex->getMessage();
|
$this->logger->logException($ex, [
|
||||||
if ($ex instanceof Exception) {
|
'app' => $this->appName,
|
||||||
if (empty($message)) {
|
'level' => $level,
|
||||||
$response = new Response($ex->getHTTPCode());
|
]);
|
||||||
$message = $response->getStatusText();
|
|
||||||
}
|
|
||||||
$message = "HTTP/1.1 {$ex->getHTTPCode()} $message";
|
|
||||||
}
|
|
||||||
|
|
||||||
$user = \OC_User::getUser();
|
|
||||||
|
|
||||||
$exception = [
|
|
||||||
'Message' => $message,
|
|
||||||
'Exception' => $exceptionClass,
|
|
||||||
'Code' => $ex->getCode(),
|
|
||||||
'Trace' => $ex->getTraceAsString(),
|
|
||||||
'File' => $ex->getFile(),
|
|
||||||
'Line' => $ex->getLine(),
|
|
||||||
'User' => $user,
|
|
||||||
];
|
|
||||||
$this->logger->log($level, 'Exception: ' . json_encode($exception), ['app' => $this->appName]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -71,13 +71,13 @@ class ExceptionLoggerPluginTest extends TestCase {
|
||||||
$this->plugin->logException($exception);
|
$this->plugin->logException($exception);
|
||||||
|
|
||||||
$this->assertEquals($expectedLogLevel, $this->logger->level);
|
$this->assertEquals($expectedLogLevel, $this->logger->level);
|
||||||
$this->assertStringStartsWith('Exception: {"Message":"' . $expectedMessage, $this->logger->message);
|
$this->assertStringStartsWith('Exception: {"Exception":' . json_encode(get_class($exception)) . ',"Message":"' . $expectedMessage . '",', $this->logger->message);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function providesExceptions() {
|
public function providesExceptions() {
|
||||||
return [
|
return [
|
||||||
[0, 'HTTP\/1.1 404 Not Found', new NotFound()],
|
[0, '', new NotFound()],
|
||||||
[4, 'HTTP\/1.1 400 This path leads to nowhere', new InvalidPath('This path leads to nowhere')]
|
[4, 'This path leads to nowhere', new InvalidPath('This path leads to nowhere')]
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -311,7 +311,12 @@ class Log implements ILogger {
|
||||||
* @since 8.2.0
|
* @since 8.2.0
|
||||||
*/
|
*/
|
||||||
public function logException($exception, array $context = array()) {
|
public function logException($exception, array $context = array()) {
|
||||||
$exception = array(
|
$level = Util::ERROR;
|
||||||
|
if (isset($context['level'])) {
|
||||||
|
$level = $context['level'];
|
||||||
|
unset($context['level']);
|
||||||
|
}
|
||||||
|
$data = array(
|
||||||
'Exception' => get_class($exception),
|
'Exception' => get_class($exception),
|
||||||
'Message' => $exception->getMessage(),
|
'Message' => $exception->getMessage(),
|
||||||
'Code' => $exception->getCode(),
|
'Code' => $exception->getCode(),
|
||||||
|
@ -319,10 +324,10 @@ class Log implements ILogger {
|
||||||
'File' => $exception->getFile(),
|
'File' => $exception->getFile(),
|
||||||
'Line' => $exception->getLine(),
|
'Line' => $exception->getLine(),
|
||||||
);
|
);
|
||||||
$exception['Trace'] = preg_replace('!(' . implode('|', $this->methodsWithSensitiveParameters) . ')\(.*\)!', '$1(*** sensitive parameters replaced ***)', $exception['Trace']);
|
$data['Trace'] = preg_replace('!(' . implode('|', $this->methodsWithSensitiveParameters) . ')\(.*\)!', '$1(*** sensitive parameters replaced ***)', $data['Trace']);
|
||||||
$msg = isset($context['message']) ? $context['message'] : 'Exception';
|
$msg = isset($context['message']) ? $context['message'] : 'Exception';
|
||||||
$msg .= ': ' . json_encode($exception);
|
$msg .= ': ' . json_encode($data);
|
||||||
$this->error($msg, $context);
|
$this->log($level, $msg, $context);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue