author | Adam Renberg <tgwizard@gmail.com> | 2015-06-03 16:51:08 +0200 |
---|---|---|
committer | Adam Renberg <tgwizard@gmail.com> | 2015-06-03 16:51:08 +0200 |
commit | 04d1fd2408595dbc8a95414b8c1b57a0bbc0744c (patch) | |
tree | d827371829f1b000a7cdf551a92785fd632726e4 | |
parent | 12bb73770747ae8a6cc688bff32279257362e76b (diff) | |
Sanitize access_token values by default
-rw-r--r-- | raven/processors.py | 1 | ||||
-rw-r--r-- | tests/processors/tests.py | 10 |
2 files changed, 9 insertions, 2 deletions
diff --git a/raven/processors.py b/raven/processors.py
index a42d261..608b9d7 100644
--- a/raven/processors.py
+++ b/raven/processors.py
@@ -80,6 +80,7 @@ class SanitizePasswordsProcessor(Processor):
 'api_key',
 'apikey',
 'sentry_dsn',
+ 'access_token',
 ])
 VALUES_RE = re.compile(r'^(?:\d[ -]*?){13,16}$')
diff --git a/tests/processors/tests.py b/tests/processors/tests.py
index 6271bdd..c17ea09 100644
--- a/tests/processors/tests.py
+++ b/tests/processors/tests.py
@@ -15,6 +15,7 @@ VARS = {
 'a_password_here': 'hello',
 'api_key': 'secret_key',
 'apiKey': 'secret_key',
+ 'access_token': 'oauth2 access token',
 }
@@ -25,6 +26,7 @@ def get_stack_trace_data_real(exception_class=TypeError, **kwargs):
 a_password_here = "Don't look at me!" # NOQA F841
 api_key = "I'm hideous!" # NOQA F841
 apiKey = "4567000012345678" # NOQA F841
+ access_token = "secret stuff!" # NOQA F841
 # TypeError: unsupported operand type(s) for /: 'str' and 'str'
 raise exception_class()
@@ -89,6 +91,8 @@ class SanitizePasswordsProcessorTest(TestCase):
 self.assertEquals(vars['api_key'], proc.MASK)
 self.assertTrue('apiKey' in vars)
 self.assertEquals(vars['apiKey'], proc.MASK)
+ self.assertTrue('access_token' in vars)
+ self.assertEquals(vars['access_token'], proc.MASK)
 def test_stacktrace(self, *args, **kwargs):
 """
@@ -191,7 +195,8 @@ class SanitizePasswordsProcessorTest(TestCase):
 def test_cookie_header(self):
 data = get_http_data()
 data['request']['headers']['Cookie'] = 'foo=bar;password=hello'\
- ';the_secret=hello;a_password_here=hello;api_key=secret_key'
+ ';the_secret=hello;a_password_here=hello;api_key=secret_key'\
+ ';access_token=at'
 proc = SanitizePasswordsProcessor(Mock())
 result = proc.process(data)
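Review bot: In raven/processors.py the new `'access_token',` entry covers only the snake_case spelling, while the list around it carries both `'api_key'` and `'apikey'` and the test data on this page uses `apiKey`, which suggests camelCase names need an entry of their own. If matching works the way those entries imply (the matching code is outside this hunk), a variable or parameter named `accessToken` would still reach the event unmasked; consider adding `'accesstoken',` beside it. OAuth refresh tokens live longer than access tokens and tend to travel in the same payloads, so `'refresh_token',` is worth adding in the same change. The list starts above the hunk, so entries not shown here may already cover part of this.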
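Review bot: In the `@@ -89,6 +91,8 @@` hunk of tests/processors/tests.py, `self.assertTrue('access_token' in vars)` reports only that False is not true when the key is missing; `self.assertIn('access_token', vars)` names the key and the container in the failure message. `assertEquals` is a deprecated alias that unittest no longer provides from Python 3.12, so the second added line is better written as `self.assertEqual(vars['access_token'], proc.MASK)`. The added lines copy the style of the assertions above them, and the test method begins outside the hunk.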
@@ -201,7 +206,8 @@ class SanitizePasswordsProcessorTest(TestCase):
 self.assertEquals(
 http['headers']['Cookie'],
 'foo=bar;password=%(m)s'
- ';the_secret=%(m)s;a_password_here=%(m)s;api_key=%(m)s' % dict(m=proc.MASK))
+ ';the_secret=%(m)s;a_password_here=%(m)s;api_key=%(m)s'
+ ';access_token=%(m)s' % dict(m=proc.MASK))
 def test_sanitize_credit_card(self):
 proc = SanitizePasswordsProcessor(Mock())
 |
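Review bot: The added coverage exercises a variables dict, stack-frame locals and the Cookie header (this hunk and the `@@ -191,7 +195,8 @@` one, which together span `test_cookie_header`), but no hunk on this page passes `access_token` through a URL query string, a common place for an OAuth token to appear in captured request data. If the processor sanitizes query strings (that code and any existing query-string test are not visible here), add a case that puts `foo=bar&access_token=at` in the request's query string and asserts the value comes back as `proc.MASK`. A camelCase variant in `VARS` would likewise pin down whether `accessToken` is masked.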