This is an automated email from the ASF dual-hosted git repository. vatamane pushed a commit to branch 3.3.x in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 6ce61beccd6c256b5fdd9a5fa1b4e4f0d0c9b37c Author: Nick Vatamaniuc <[email protected]> AuthorDate: Wed Sep 13 14:51:54 2023 -0400 Remove sensitive headers from the mochiweb request in pdict Previously we saved the request "as-is", mainly to inspect it later and see if the client socket stays open during long running requests. In case of a crash there is some chance the coordinator would dump its process dictionary to the logs. So it seems prudent to remove sensitive headers from it before saving it in the process dictionary. --- src/chttpd/src/chttpd_util.erl | 14 +++++++++++++- src/chttpd/test/eunit/chttpd_util_test.erl | 21 +++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/src/chttpd/src/chttpd_util.erl b/src/chttpd/src/chttpd_util.erl index 4dc590949..7e7338bd8 100644 --- a/src/chttpd/src/chttpd_util.erl +++ b/src/chttpd/src/chttpd_util.erl @@ -121,7 +121,19 @@ get_db_info(DbName) -> end. mochiweb_client_req_set(ClientReq) -> - put(?MOCHIWEB_CLIENT_REQ, ClientReq). + Method = mochiweb_request:get(method, ClientReq), + Socket = mochiweb_request:get(socket, ClientReq), + Path = mochiweb_request:get(raw_path, ClientReq), + Version = mochiweb_request:get(version, ClientReq), + Opts = mochiweb_request:get(opts, ClientReq), + Headers = mochiweb_request:get(headers, ClientReq), + % Remove any senstive info in case process dict gets dumped + % to the logs at some point + Headers1 = mochiweb_headers:delete_any("Authorization", Headers), + Headers2 = mochiweb_headers:delete_any("Cookie", Headers1), + Headers3 = mochiweb_headers:delete_any("X-Auth-CouchDB-Token", Headers2), + ClientReq1 = mochiweb_request:new(Socket, Opts, Method, Path, Version, Headers3), + put(?MOCHIWEB_CLIENT_REQ, ClientReq1). mochiweb_client_req_clean() -> erase(?MOCHIWEB_CLIENT_REQ). diff --git a/src/chttpd/test/eunit/chttpd_util_test.erl b/src/chttpd/test/eunit/chttpd_util_test.erl index fbfd532cc..1d692d623 100644 --- a/src/chttpd/test/eunit/chttpd_util_test.erl +++ b/src/chttpd/test/eunit/chttpd_util_test.erl @@ -121,6 +121,7 @@ chttpd_util_client_socker_monitor_test_() -> fun test_util:stop_couch/1, with([ ?TDEF(t_client_req_set_get_clean), + ?TDEF(t_client_req_sensitive_headers_are_removed), ?TDEF(t_client_req_check_config), ?TDEF(t_closed_socket_kills_coordinator) ]) @@ -137,6 +138,26 @@ t_client_req_set_get_clean(_) -> ?assertEqual(undefined, chttpd_util:mochiweb_client_req_get()), gen_tcp:close(Sock). +t_client_req_sensitive_headers_are_removed(_) -> + {ok, Sock} = gen_tcp:listen(0, [{active, false}]), + Headers = [ + {"AutHoriZatioN", "Basic s3cr3t"}, + {"COOkiE", "C00kie"}, + {"x-AUth-CouchDB-TokeN", "S3cr3tT0k3n"}, + {"other", "oth3r"} + ], + ClientReq = mochiweb:new_request({Sock, {'GET', "/foo", {1, 1}}, Headers}), + chttpd_util:mochiweb_client_req_set(ClientReq), + ResReq = chttpd_util:mochiweb_client_req_get(), + ?assertEqual(Sock, mochiweb_request:get(socket, ResReq)), + ?assertEqual('GET', mochiweb_request:get(method, ResReq)), + ?assertEqual([], mochiweb_request:get(opts, ResReq)), + ?assertEqual({1, 1}, mochiweb_request:get(version, ResReq)), + ?assertEqual("/foo", mochiweb_request:get(raw_path, ResReq)), + ResHeaders = mochiweb_request:get(headers, ResReq), + ?assertEqual([{"other", "oth3r"}], mochiweb_headers:to_list(ResHeaders)), + gen_tcp:close(Sock). + t_client_req_check_config(_) -> config:set("chttpd", "disconnect_check_msec", "100", false), config:set("chttpd", "disconnect_check_jitter_msec", "50", false),
