Diffstat (limited to 'development/jupyter_server/redact_tokens_from_logs.patch')
-rw-r--r-- | development/jupyter_server/redact_tokens_from_logs.patch | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/development/jupyter_server/redact_tokens_from_logs.patch b/development/jupyter_server/redact_tokens_from_logs.patch
new file mode 100644
index 0000000000..74ac1b9196
--- /dev/null
+++ b/development/jupyter_server/redact_tokens_from_logs.patch
@@ -0,0 +1,60 @@
+--- a/jupyter_server/log.py
++++ b/jupyter_server/log.py
+@@ -6,12 +6,39 @@
+ # the file COPYING, distributed as part of this software.
+ # -----------------------------------------------------------------------------
+ import json
++from urllib.parse import urlparse, urlunparse
+
+ from tornado.log import access_log
+
+ from .auth import User
+ from .prometheus.log_functions import prometheus_log_method
+
++# url params to be scrubbed if seen
++# any url param that *contains* one of these
++# will be scrubbed from logs
++_SCRUB_PARAM_KEYS = {"token", "auth", "key", "code", "state", "xsrf"}
++
++
++def _scrub_uri(uri: str) -> str:
++ """scrub auth info from uri"""
++ parsed = urlparse(uri)
++ if parsed.query:
++ # check for potentially sensitive url params
++ # use manual list + split rather than parsing
++ # to minimally perturb original
++ parts = parsed.query.split("&")
++ changed = False
++ for i, s in enumerate(parts):
++ key, sep, value = s.partition("=")
++ for substring in _SCRUB_PARAM_KEYS:
++ if substring in key:
++ parts[i] = f"{key}{sep}[secret]"
++ changed = True
++ if changed:
++ parsed = parsed._replace(query="&".join(parts))
++ return urlunparse(parsed)
++ return uri
++
+
+ def log_request(handler):
+ """log a bit more information about each request than tornado's default
+@@ -43,7 +70,7 @@
+ "status": status,
+ "method": request.method,
+ "ip": request.remote_ip,
+- "uri": request.uri,
++ "uri": _scrub_uri(request.uri),
+ "request_time": request_time,
+ }
+ # log username
+@@ -59,7 +86,7 @@
+ msg = "{status} {method} {uri} ({username}@{ip}) {request_time:.2f}ms"
+ if status >= 400: # noqa[PLR2004]
+ # log bad referers
+- ns["referer"] = request.headers.get("Referer", "None")
++ ns["referer"] = _scrub_uri(request.headers.get("Referer", "None"))
+ msg = msg + " referer={referer}"
+ if status >= 500 and status != 502: # noqa[PLR2004]
+ # Log a subset of the headers if it caused an error.
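Review bot: `_scrub_uri` matches query keys case-sensitively (`if substring in key:` inside the `for substring in _SCRUB_PARAM_KEYS` loop), so a parameter spelled `Token=…` or `accessToken=…` reaches the access log unredacted; normalise the key before matching, `if substring in key.lower():`. The `value` bound by `key, sep, value = s.partition("=")` is never read, so `key, sep, _ = s.partition("=")` states the intent more clearly. Both `request.uri` and the `Referer` header are client-supplied, and `urlparse` can raise `ValueError` on some malformed input (invalid IPv6 bracketing, for instance), which would surface inside the logging path; a narrow `except ValueError` that falls back to a fixed placeholder such as `"[unparseable]"` keeps a bad URI from breaking logging — worth confirming how the tornado caller of `log_request` treats an exception there. The inner hunks patch `log_request`, whose body starts and ends outside the quoted context.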