
remove password from log messages #273

Open
e-maud opened this issue Jul 29, 2019 · 4 comments
@e-maud

e-maud commented Jul 29, 2019

For security reasons, would it be possible to anonymize the URL in log messages of send_request, i.e. removing at least the password?

@acdha
Collaborator

acdha commented Jul 29, 2019

I think you could configure a logging filter for that to avoid the password being logged. Out of curiosity, have you looked at what requests/urllib3 is logging? I'm wondering whether the easiest fix would simply be to remove

"Starting request to '%s' (%s) with body '%s'...",

and

"Finished '%s' (%s) with body '%s' in %0.3f seconds, with status %s",

but I guess we'd still need to redact usage in exceptions. This feels like something for which requests/urllib3 should have something reusable, since it's fairly common.

@e-maud
Author

e-maud commented Jul 29, 2019

Thanks for the answer.

I would not remove L383 and 427, as those are exactly the ones I need to monitor the indexing (!). More precisely, I am using the status return code.

I did log requests/urllib:

import logging
import http.client

# enable wire-level debugging in http.client and INFO-level logging for urllib3
http.client.HTTPConnection.debuglevel = 1
logging.getLogger("requests.packages.urllib3").setLevel(logging.INFO)

but it's impossible to read as it consists of the (big) list of docs to index. However I noticed that the password was somehow encrypted, and double-checked here: https://github.com/psf/requests/blob/a4c18cd733f97b5659a29589432d8a39e7a0de87/requests/auth.py#L66, where b64encode is indeed used.

One option would be to use a regex to clean up the password (to be tested thoroughly, though):

import re

url = "https://myuser:12345weakpass@myserver.org/solr/collection/update/"
# groups: 1 = scheme and username up to ':', 2 = password, 3 = '@' and the rest
new_url = re.sub(r'(https://[^:]+:)([^@]+)(@.+)', r'\1password\3', url)
print(new_url)
# => 'https://myuser:password@myserver.org/solr/collection/update/'

@acdha
Collaborator

acdha commented Jul 29, 2019

I was thinking it might be safest to urlparse it when the Solr object is instantiated and use that to construct a sanitized URL which could be used in the logging / exception paths.
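The two approaches discussed in this thread, as an added example that is not pysolr's code: a urlsplit-based sanitizer meant to be computed once when the client object is created, plus a logging filter as defence in depth for messages (exception text included) that were not built from the sanitized URL. The '***' placeholder, the function and class names and the sample URL are this example's own assumptions.

```python
import logging
import re
from urllib.parse import urlsplit, urlunsplit

# Constructed sample URL; the credentials are fake.
SAMPLE_URL = "https://myuser:12345weakpass@myserver.org:8983/solr/collection/update/"

def sanitize_url(url: str) -> str:
    """Return url with its userinfo password replaced by '***', username kept.

    Built from urlsplit() components instead of a regex over the string, so a
    ':' or '@' inside the password cannot leak into the result. Intended to be
    computed once when the Solr object is created and reused by every log call.
    """
    parts = urlsplit(url)
    if parts.password is None:
        return url  # no credentials present, nothing to redact
    host = parts.hostname or ""
    if ":" in host:  # IPv6 literal: urlsplit drops the brackets, put them back
        host = f"[{host}]"
    netloc = f"{parts.username or ''}:***@{host}"
    if parts.port is not None:
        netloc += f":{parts.port}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, parts.fragment))

# Matches "user:password@" right after "scheme://" in free text (no '@' in password).
_USERINFO = re.compile(r"(?<=://)([^/@\s:]*):[^/@\s]*@")

def redact_credentials(text: str) -> str:
    """Rewrite every user:password@ found in arbitrary text, keeping the username."""
    return _USERINFO.sub(r"\1:***@", text)

class RedactCredentialsFilter(logging.Filter):
    """Defence in depth: redact the formatted message of every record before any
    handler sees it, catching URLs that reached the log without sanitize_url
    (e.g. text copied from a requests exception). Attach it to the handlers."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact_credentials(record.getMessage())
        record.args = ()  # already formatted; stop handlers re-applying args
        return True

def filtered_message(msg: str, *args) -> str:
    """Run one record through the filter and return what a handler would emit."""
    record = logging.LogRecord("pysolr", logging.INFO, __file__, 0, msg, args, None)
    RedactCredentialsFilter().filter(record)
    return record.getMessage()
```

Attach the filter to the handlers (for example each handler of the root logger) rather than to a logger, since logger-level filters do not apply to records emitted by child loggers.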

@stale

stale bot commented Oct 27, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Oct 27, 2019