Merge pull request #619 from Unrud/log_unsafe_paths

Log unsafe paths

radicale/storage.py

@@ -484,7 +484,8 @@ class Collection(BaseCollection):
             filesystem_path = path_to_filesystem(folder, sane_path)
         except ValueError as e:
             # Path is unsafe
-            cls.logger.info(e)
+            cls.logger.debug("Collection with unsafe path %r requested: %s",
+                             sane_path, e, exc_info=True)
             return
 
         # Check if the path exists and if it leads to a collection or an item

radicale/tests/test_auth.py

@@ -26,7 +26,6 @@ import shutil
 import tempfile
 
 import pytest
-
 from radicale import Application, config
 
 from .test_base import BaseTest

radicale/tests/test_base.py

@@ -26,7 +26,6 @@ import shutil
 import tempfile
 
 import pytest
-
 from radicale import Application, config
 
 from . import BaseTest

radicale/web.py

@@ -84,7 +84,9 @@ class Web(BaseWeb):
         try:
             filesystem_path = storage.path_to_filesystem(
                 self.folder, path[len("/.web"):])
-        except ValueError:
+        except ValueError as e:
+            self.logger.debug("Web content with unsafe path %r requested: %s",
+                              path, e, exc_info=True)
             return NOT_FOUND
         if os.path.isdir(filesystem_path) and not path.endswith("/"):
             location = posixpath.basename(path) + "/"