error_support/redact.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
//! Functions to redact strings to remove PII before logging them
/// Redact a URL.
///
/// It's tricky to redact an URL without revealing PII. We check for various known bad URL forms
/// and report them, otherwise we just log "<URL>".
pub fn redact_url(url: &str) -> String {
if url.is_empty() {
return "<URL (empty)>".to_string();
}
match url.find(':') {
None => "<URL (no scheme)>".to_string(),
Some(n) => {
let mut chars = url[0..n].chars();
match chars.next() {
// No characters in the scheme
None => return "<URL (empty scheme)>".to_string(),
Some(c) => {
// First character must be alphabetic
if !c.is_ascii_alphabetic() {
return "<URL (invalid scheme)>".to_string();
}
}
}
for c in chars {
// Subsequent characters must be in the set ( alpha | digit | "+" | "-" | "." )
if !(c.is_ascii_alphanumeric() || c == '+' || c == '-' || c == '.') {
return "<URL (invalid scheme)>".to_string();
}
}
"<URL>".to_string()
}
}
}
/// Redact compact jwe string (Five base64 segments, separated by `.` chars)
pub fn redact_compact_jwe(url: &str) -> String {
url.replace(|ch| ch != '.', "x")
}
#[cfg(test)]
mod test {
use super::*;
#[test]
fn test_redact_url() {
assert_eq!(redact_url("http://some.website.com/index.html"), "<URL>");
assert_eq!(redact_url("about:config"), "<URL>");
assert_eq!(redact_url(""), "<URL (empty)>");
assert_eq!(redact_url("://some.website.com/"), "<URL (empty scheme)>");
assert_eq!(redact_url("some.website.com/"), "<URL (no scheme)>");
assert_eq!(redact_url("some.website.com/"), "<URL (no scheme)>");
assert_eq!(
redact_url("abc%@=://some.website.com/"),
"<URL (invalid scheme)>"
);
assert_eq!(
redact_url("0https://some.website.com/"),
"<URL (invalid scheme)>"
);
assert_eq!(
redact_url("a+weird-but.lega1-SCHEME://some.website.com/"),
"<URL>"
);
}
#[test]
fn test_redact_compact_jwe() {
assert_eq!(redact_compact_jwe("abc.1234.x3243"), "xxx.xxxx.xxxxx")
}
}