
Merge pull request #3327 from t3chguy/redact_as_request_token

Strip `access_token` from outgoing requests
Richard van der Hoff 6 роки тому
батько
коміт
e316407b5d
3 змінених файлів з 18 додано та 9 видалено
  1. 13 0
      synapse/http/__init__.py
  2. 3 2
      synapse/http/client.py
  3. 2 7
      synapse/http/site.py

+ 13 - 0
synapse/http/__init__.py

@@ -13,6 +13,8 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+import re
+
 from twisted.internet.defer import CancelledError
 from twisted.python import failure
 
@@ -34,3 +36,14 @@ def cancelled_to_request_timed_out_error(value, timeout):
         value.trap(CancelledError)
         raise RequestTimedOutError()
     return value
+
+
+ACCESS_TOKEN_RE = re.compile(br'(\?.*access(_|%5[Ff])token=)[^&]*(.*)$')
+
+
+def redact_uri(uri):
+    """Strips access tokens from the uri replaces with <redacted>"""
+    return ACCESS_TOKEN_RE.sub(
+        br'\1<redacted>\3',
+        uri
+    )

+ 3 - 2
synapse/http/client.py

@@ -19,7 +19,7 @@ from OpenSSL.SSL import VERIFY_NONE
 from synapse.api.errors import (
     CodeMessageException, MatrixCodeMessageException, SynapseError, Codes,
 )
-from synapse.http import cancelled_to_request_timed_out_error
+from synapse.http import cancelled_to_request_timed_out_error, redact_uri
 from synapse.util.async import add_timeout_to_deferred
 from synapse.util.caches import CACHE_SIZE_FACTOR
 from synapse.util.logcontext import make_deferred_yieldable
@@ -90,7 +90,8 @@ class SimpleHttpClient(object):
         # counters to it
         outgoing_requests_counter.labels(method).inc()
 
-        logger.info("Sending request %s %s", method, uri)
+        # log request but strip `access_token` (AS requests for example include this)
+        logger.info("Sending request %s %s", method, redact_uri(uri))
 
         try:
             request_deferred = self.agent.request(
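Review bot: `redact_uri` applies a bytes regex, so the new `logger.info` line raises `TypeError` if `uri` arrives as a text string, where the old `%s` formatting accepted either type; I cannot tell from the hunk what callers pass, so either normalise `uri` to bytes before logging or make `redact_uri` accept both. The unredacted `uri` is still handed to `self.agent.request` on the next line, which is correct: the commit strips the token from the log line only, not from the request itself, and the PR title should not be read otherwise. The rest of `request` — any error or response logging — lies outside the hunk and needs the same treatment if it logs the uri.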

+ 2 - 7
synapse/http/site.py

@@ -14,18 +14,16 @@
 
 import contextlib
 import logging
-import re
 import time
 
 from twisted.web.server import Site, Request
 
+from synapse.http import redact_uri
 from synapse.http.request_metrics import RequestMetrics
 from synapse.util.logcontext import LoggingContext
 
 logger = logging.getLogger(__name__)
 
-ACCESS_TOKEN_RE = re.compile(br'(\?.*access(_|%5[Ff])token=)[^&]*(.*)$')
-
 _next_request_seq = 0
 
 
@@ -69,10 +67,7 @@ class SynapseRequest(Request):
         return "%s-%i" % (self.method, self.request_seq)
 
     def get_redacted_uri(self):
-        return ACCESS_TOKEN_RE.sub(
-            br'\1<redacted>\3',
-            self.uri
-        )
+        return redact_uri(self.uri)
 
     def get_user_agent(self):
         return self.requestHeaders.getRawHeaders(b"User-Agent", [None])[-1]