From 3c1b1ca78e93fb464a5bb64aae9d845bc9f0b9c0 Mon Sep 17 00:00:00 2001
From: Ethan Koenig
Date: Sun, 3 Dec 2017 17:48:03 -0800
Subject: Fix error message sanitiziation (#3082)
---
modules/util/sanitize.go | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 48 insertions(+)
create mode 100644 modules/util/sanitize.go
(limited to 'modules/util/sanitize.go')
diff --git a/modules/util/sanitize.go b/modules/util/sanitize.go
new file mode 100644
index 0000000000..b1c17b29cf
--- /dev/null
+++ b/modules/util/sanitize.go
@@ -0,0 +1,48 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package util
+
+import (
+ "net/url"
+ "strings"
+)
+
+// urlSafeError wraps an error whose message may contain a sensitive URL
+type urlSafeError struct {
+ err error
+ unsanitizedURL string
+}
+
+func (err urlSafeError) Error() string {
+ return SanitizeMessage(err.err.Error(), err.unsanitizedURL)
+}
+
+// URLSanitizedError returns the sanitized version an error whose message may
+// contain a sensitive URL
+func URLSanitizedError(err error, unsanitizedURL string) error {
+ return urlSafeError{err: err, unsanitizedURL: unsanitizedURL}
+}
+
+// SanitizeMessage sanitizes a message which may contains a sensitive URL
+func SanitizeMessage(message, unsanitizedURL string) string {
+ sanitizedURL := SanitizeURLCredentials(unsanitizedURL, true)
+ return strings.Replace(message, unsanitizedURL, sanitizedURL, -1)
+}
+
+// SanitizeURLCredentials sanitizes a url, either removing user credentials
+// or replacing them with a placeholder.
+func SanitizeURLCredentials(unsanitizedURL string, usePlaceholder bool) string {
+ u, err := url.Parse(unsanitizedURL)
+ if err != nil {
+ // don't log the error, since it might contain unsanitized URL.
+ return "(unparsable url)"
+ }
+ if u.User != nil && usePlaceholder {
+ u.User = url.User("")
+ } else {
+ u.User = nil
+ }
+ return u.String()
+}
-- cgit v1.2.3
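Review bot: `SanitizeMessage` scrubs the credential only when the message contains the URL byte-for-byte as it was passed in, because `strings.Replace(message, unsanitizedURL, sanitizedURL, -1)` is a literal match; if the underlying tool prints the URL re-encoded, truncated or with a trailing slash added, the userinfo passes through unchanged. Consider also scrubbing the bare userinfo after the full-URL replace, for example `if u, err := url.Parse(unsanitizedURL); err == nil && u.User != nil { message = strings.Replace(message, u.User.String()+"@", "@", -1) }`, and add a test whose message carries the URL in a different form from the argument. Separately, `SanitizeURLCredentials` clears only `u.User`, so a secret carried in the query string would survive; its doc comment should say that only userinfo is removed.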