Remove cookies from logging output

HTTP cookies are shared across all ports on a host. The log might contain session ids or CSRF tokens from other applications on the same host.
Unrud 2017-08-14 18:16:46 +02:00
parent f87c16a42b
commit a73a7ab193


@ -250,6 +250,8 @@ class Application:
authorization = request_environ.get("HTTP_AUTHORIZATION", "") authorization = request_environ.get("HTTP_AUTHORIZATION", "")
if mask_passwords and authorization.startswith("Basic"): if mask_passwords and authorization.startswith("Basic"):
request_environ["HTTP_AUTHORIZATION"] = "Basic **masked**" request_environ["HTTP_AUTHORIZATION"] = "Basic **masked**"
if request_environ.get("HTTP_COOKIE"):
request_environ["HTTP_COOKIE"] = "**masked**"
return request_environ return request_environ
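Review bot: The cookie mask on the two added lines runs unconditionally, while the Authorization mask directly above it is gated by `mask_passwords`, and nothing in the code says why the two differ. A short comment would keep a later cleanup from moving it under the flag, e.g. `# Cookies are shared across all ports on a host; always mask, they may belong to other applications`. The assignment also overwrites `request_environ["HTTP_COOKIE"]` in place, which is only safe if `request_environ` is a copy of the WSGI environ rather than the live dict; the function starts outside the hunk, so that should be confirmed there. Separately, the `startswith("Basic")` check leaves any other Authorization scheme in the log unmasked even when `mask_passwords` is set.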