Move password masking out of logging clients where possible (#2762)
Move password masking functionality into LoggerController. The is a more aggresive approach to masking password string in the logs. Cleaning the url is still in the PromiseRouter because picking it out of the log string would be fragile. This will cause more log messages to be scanned for password strings, and may cause a password string to be obsfucated that is not neccesarily part of parse internals -- but i think that is still a good thing.... see: #2755 & #2680
This commit is contained in:
Arthur Cinader
committed by
Florent Vilmart
Florent Vilmart
parent
ad707457be
commit
a41cbcbc7f
@@ -125,10 +125,10 @@ export class FunctionsRouter extends PromiseRouter {
|
||||
|
||||
return new Promise(function (resolve, reject) {
|
||||
const userString = (req.auth && req.auth.user) ? req.auth.user.id : undefined;
|
||||
const cleanInput = logger.cleanAndTruncateLogMessage(JSON.stringify(params));
|
||||
const cleanInput = logger.truncateLogMessage(JSON.stringify(params));
|
||||
var response = FunctionsRouter.createResponseObject((result) => {
|
||||
try {
|
||||
const cleanResult = logger.cleanAndTruncateLogMessage(JSON.stringify(result.response.result));
|
||||
const cleanResult = logger.truncateLogMessage(JSON.stringify(result.response.result));
|
||||
logger.info(`Ran cloud function ${functionName} for user ${userString} `
|
||||
+ `with:\n Input: ${cleanInput }\n Result: ${cleanResult }`, {
|
||||
functionName,
|
||||
|
||||
Reference in New Issue
Block a user