Commit 1848948e authored by Johan de Klerk's avatar Johan de Klerk

Merge branch '#1181-clean-raygun-credit-card-details' into 'main'

Mask credit card details that are being sent to Raygun in the body of an API request.

See merge request !61
parents 15cca2ed 510c202c
Tags v1.287.0
1 merge request!61Mask credit card details that is being sent to Raygun in the body of an api request.
...@@ -51,6 +51,7 @@ var raygunClient *raygun4go.Client ...@@ -51,6 +51,7 @@ var raygunClient *raygun4go.Client
// Password filtering // Password filtering
var passwordRegex = regexp.MustCompile(`(?i:\\?"password\\?"\s*:\s*\\?"(.*)\\?").*`) var passwordRegex = regexp.MustCompile(`(?i:\\?"password\\?"\s*:\s*\\?"(.*)\\?").*`)
var byteArrayRegex = regexp.MustCompile(`(?i:\\?"(?i:[\w]*)(?i:byte|data)(?i:[\w]*)\\?"\s*:\s*\[([\d\s,]+)*\])`) var byteArrayRegex = regexp.MustCompile(`(?i:\\?"(?i:[\w]*)(?i:byte|data)(?i:[\w]*)\\?"\s*:\s*\[([\d\s,]+)*\])`)
var creditCardDetailsRegex = regexp.MustCompile(`(?i)"(?:card_number|card_expiry_year|card_expiry_month|card_cvv)"\s*:\s*(?:")?([^,"}]+)(?:")?`)
func SanitiseLogs(logString string) string { func SanitiseLogs(logString string) string {
var isValidJsonString bool var isValidJsonString bool
...@@ -61,6 +62,7 @@ func SanitiseLogs(logString string) string { ...@@ -61,6 +62,7 @@ func SanitiseLogs(logString string) string {
logString = MaskByteArraysInJsonString(logString) logString = MaskByteArraysInJsonString(logString)
logString = MaskPasswordsInJsonString(logString) logString = MaskPasswordsInJsonString(logString)
logString = MaskCreditCardDetailsInJsonString(logString)
return logString return logString
} }
...@@ -77,6 +79,12 @@ func MaskByteArraysInJsonString(jsonString string) string { ...@@ -77,6 +79,12 @@ func MaskByteArraysInJsonString(jsonString string) string {
return string_utils.ReplaceAllRegexStringSubmatch(byteArrayRegex, jsonString, "...") return string_utils.ReplaceAllRegexStringSubmatch(byteArrayRegex, jsonString, "...")
} }
// MaskCreditCardDetailsInJsonString takes a string and sanitises all the instances of fields named card_number,
// "card_number" will become "{"card_number": "***"}"
func MaskCreditCardDetailsInJsonString(jsonString string) string {
return string_utils.ReplaceAllRegexStringSubmatch(creditCardDetailsRegex, jsonString, "***")
}
func SanitiseFields(fields map[string]interface{}) map[string]interface{} { func SanitiseFields(fields map[string]interface{}) map[string]interface{} {
sanitisedFields := make(map[string]interface{}) sanitisedFields := make(map[string]interface{})
...@@ -491,7 +499,7 @@ func sendRaygunError(fields map[string]interface{}, errToSend error) { ...@@ -491,7 +499,7 @@ func sendRaygunError(fields map[string]interface{}, errToSend error) {
if apiRequest != nil { if apiRequest != nil {
methodAndPath := apiRequest.HTTPMethod + ": " + apiRequest.Path methodAndPath := apiRequest.HTTPMethod + ": " + apiRequest.Path
tags = append(tags, methodAndPath) tags = append(tags, methodAndPath)
fields["body"] = apiRequest.Body fields["body"] = SanitiseLogs(apiRequest.Body)
fields["query"] = apiRequest.QueryStringParameters fields["query"] = apiRequest.QueryStringParameters
fields["identity"] = apiRequest.RequestContext.Identity fields["identity"] = apiRequest.RequestContext.Identity
} }
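Review bot: `creditCardDetailsRegex` only matches keys and values wrapped in plain `"` quotes, whereas `passwordRegex` and `byteArrayRegex` directly above it accept an optional backslash before each quote (`\\?"`), so card fields inside a JSON document that arrives as an escaped string (`\"card_number\": \"…\"`) would not match and would still be sent to Raygun in `fields["body"]`. Bringing the pattern in line with its neighbours would cover that case: `(?i)\\?"(?:card_number|card_expiry_year|card_expiry_month|card_cvv)\\?"\s*:\s*(?:\\?")?([^,"}\\]+)(?:\\?")?`. The behaviour of `string_utils.ReplaceAllRegexStringSubmatch` is not shown here, so a unit test that feeds `MaskCreditCardDetailsInJsonString` both a plain and an escaped body and asserts that no digits survive would confirm the fix. Separately, `sendRaygunError` (its body continues outside the hunk) still forwards `fields["query"]` unsanitised; if card fields can ever arrive as query parameters they would bypass this masking, which is worth confirming.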
......