From dbd69e9a40c0c5a9e80e881dce7e63bc99373fba Mon Sep 17 00:00:00 2001
From: sahil-seth <156897350+sahil-seth@users.noreply.github.com>
Date: Tue, 8 Oct 2024 10:32:54 +0530
Subject: [PATCH] feat: adding support for data uri sanitisation (#31721)
Co-authored-by: Michael Kriese
---
 lib/logger/utils.spec.ts | 1 +
 lib/logger/utils.ts | 9 ++++++---
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/lib/logger/utils.spec.ts b/lib/logger/utils.spec.ts
index 3d36dc577e00ab..df0fb726fed246 100644
--- a/lib/logger/utils.spec.ts
+++ b/lib/logger/utils.spec.ts
@@ -48,6 +48,7 @@ describe('logger/utils', () => {
 ${'redis://:somepw@172.32.11.71:6379/0'} | ${'redis://**redacted**@172.32.11.71:6379/0'}
 ${'some text with\r\n url: https://somepw@domain.com\nand some more'} | ${'some text with\r\n url: https://**redacted**@domain.com\nand some more'}
 ${'[git://domain.com](git://pw@domain.com)'} | ${'[git://domain.com](git://**redacted**@domain.com)'}
+ ${'data:text/vnd-example;foo=bar;base64,R0lGODdh'} | ${'data:text/vnd-example;**redacted**'}
 ${'user@domain.com'} | ${'user@domain.com'}
 `('sanitizeValue("$input") == "$output"', ({ input, output }) => {
 expect(sanitizeValue(input)).toBe(output);
diff --git a/lib/logger/utils.ts b/lib/logger/utils.ts
index ac2f5ec5f28b12..f04c0f8132ad9e 100644
--- a/lib/logger/utils.ts
+++ b/lib/logger/utils.ts
@@ -324,9 +324,12 @@ export function validateLogLevel(
 // Can't use `util/regex` because of circular reference to logger
 const urlRe = /[a-z]{3,9}:\/\/[^@/]+@[a-z0-9.-]+/gi;
 const urlCredRe = /\/\/[^@]+@/g;
+const dataUriCredRe = /^(data:[0-9a-z-]+\/[0-9a-z-]+;).+/i;
 export function sanitizeUrls(text: string): string {
- return text.replace(urlRe, (url) => {
- return url.replace(urlCredRe, '//**redacted**@');
- });
+ return text
+ .replace(urlRe, (url) => {
+ return url.replace(urlCredRe, '//**redacted**@');
+ })
+ .replace(dataUriCredRe, '$1**redacted**');
 }
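Review bot: `dataUriCredRe` in lib/logger/utils.ts is anchored with `^` and has no `g` flag, so `sanitizeUrls` redacts a data URI only when the whole string starts with `data:`; a payload embedded in a longer log message, the case `urlRe` already handles for URL credentials, is still logged in full. The media-type classes `[0-9a-z-]+` also leave out `+` and `.`, so a type such as `image/svg+xml` never matches and its payload is not redacted. Consider an unanchored, global pattern bounded by whitespace, for example `const dataUriCredRe = /(data:[0-9a-z.+-]+\/[0-9a-z.+-]+;)\S+/gi;`, and add rows to the table in utils.spec.ts for a data URI inside surrounding text and for an `image/svg+xml` one. A short comment above the constant naming the forms that are deliberately not covered (for instance a `data:` URI with no `;` parameter) would document the remaining gap.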