def test_webob_request_data(self):
rollbar.SETTINGS['scrub_fields'].extend(['token', 'secret', 'cookies', 'authorization'])
import webob
request = webob.Request.blank('/the/path?q=hello&password=hunter2',
base_url = 'http://example.com',
headers = {
'X-Real-Ip': '5.6.7.8',
'Cookies': 'name=value; password=hash;',
'Authorization': 'I am from NSA'
},
POST = 'foo=bar&confirm_password=hunter3&token=secret')
unscrubbed = rollbar._build_webob_request_data(request)
self.assertEqual(unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2')
self.assertEqual(unscrubbed['user_ip'], '5.6.7.8')
self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'})
self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******', 'token': 'secret'})
self.assertEqual('5.6.7.8', unscrubbed['headers']['X-Real-Ip'])
self.assertEqual('name=value; password=hash;', unscrubbed['headers']['Cookies'])
self.assertEqual('I am from NSA', unscrubbed['headers']['Authorization'])
scrubbed = rollbar._scrub_request_data(unscrubbed)
self.assertTrue(
# order might get switched; that's ok
scrubbed['url'] == 'http://example.com/the/path?q=hello&password=-------'
or
scrubbed['url'] == 'http://example.com/the/path?password=-------&q=hello'
)
self.assertDictEqual(scrubbed['GET'], {'q': 'hello', 'password': '******'})
self.assertDictEqual(scrubbed['POST'], {'foo': 'bar', 'confirm_password': '******', 'token': '******'})
self.assertEqual('5.6.7.8', scrubbed['headers']['X-Real-Ip'])
self.assertEqual('**************************', scrubbed['headers']['Cookies'])
self.assertEqual('*************', scrubbed['headers']['Authorization'])
def test_webob_request_data(self):
rollbar.SETTINGS["scrub_fields"].extend(["token", "secret", "cookies", "authorization"])
import webob
request = webob.Request.blank(
"/the/path?q=hello&password=hunter2",
base_url="http://example.com",
headers={"X-Real-Ip": "5.6.7.8", "Cookies": "name=value; password=hash;", "Authorization": "I am from NSA"},
POST="foo=bar&confirm_password=hunter3&token=secret",
)
unscrubbed = rollbar._build_webob_request_data(request)
self.assertEqual(unscrubbed["url"], "http://example.com/the/path?q=hello&password=hunter2")
self.assertEqual(unscrubbed["user_ip"], "5.6.7.8")
self.assertDictEqual(unscrubbed["GET"], {"q": "hello", "password": "******"})
self.assertDictEqual(unscrubbed["POST"], {"foo": "bar", "confirm_password": "******", "token": "secret"})
self.assertEqual("5.6.7.8", unscrubbed["headers"]["X-Real-Ip"])
self.assertEqual("name=value; password=hash;", unscrubbed["headers"]["Cookies"])
self.assertEqual("I am from NSA", unscrubbed["headers"]["Authorization"])
scrubbed = rollbar._scrub_request_data(unscrubbed)
self.assertTrue(
# order might get switched; that's ok
scrubbed["url"] == "http://example.com/the/path?q=hello&password=-------"
or scrubbed["url"] == "http://example.com/the/path?password=-------&q=hello"
)
self.assertDictEqual(scrubbed["GET"], {"q": "hello", "password": "******"})
self.assertDictEqual(scrubbed["POST"], {"foo": "bar", "confirm_password": "******", "token": "******"})
self.assertEqual("5.6.7.8", scrubbed["headers"]["X-Real-Ip"])
self.assertEqual("**************************", scrubbed["headers"]["Cookies"])
self.assertEqual("*************", scrubbed["headers"]["Authorization"])
def test_scrub_webob_request_data(self):
rollbar._initialized = False
rollbar.init(_test_access_token,
locals={'enabled': True},
dummy_key='asdf',
handler='blocking',
timeout=12345,
scrub_fields=rollbar.SETTINGS['scrub_fields'] +
['token', 'secret', 'cookies', 'authorization'])
import webob
request = webob.Request.blank(
'/the/path?q=hello&password=hunter2',
base_url='http://example.com',
headers={
'X-Real-Ip': '5.6.7.8',
'Cookies': 'name=value; password=hash;',
'Authorization': 'I am from NSA'
},
POST='foo=bar&confirm_password=hunter3&token=secret')
unscrubbed = rollbar._build_webob_request_data(request)
self.assertEqual(
unscrubbed['url'],
'http://example.com/the/path?q=hello&password=hunter2')
self.assertEqual(unscrubbed['user_ip'], '5.6.7.8')
self.assertDictEqual(unscrubbed['GET'], {
'q': 'hello',
'password': '******'
})
self.assertDictEqual(unscrubbed['POST'], {
'foo': 'bar',
'confirm_password': '******',
'token': 'secret'
})
self.assertEqual('5.6.7.8', unscrubbed['headers']['X-Real-Ip'])
self.assertEqual('name=value; password=hash;',
unscrubbed['headers']['Cookies'])
self.assertEqual('I am from NSA',
unscrubbed['headers']['Authorization'])
scrubbed = rollbar._transform(unscrubbed)
self.assertRegex(
scrubbed['url'],
r'http://example.com/the/path\?(q=hello&password=-+)|(password=-+&q=hello)'
)
self.assertEqual(scrubbed['GET']['q'], 'hello')
self.assertRegex(scrubbed['GET']['password'], r'\*+')
self.assertEqual(scrubbed['POST']['foo'], 'bar')
self.assertRegex(scrubbed['POST']['confirm_password'], r'\*+')
self.assertRegex(scrubbed['POST']['token'], r'\*+')
self.assertEqual('5.6.7.8', scrubbed['headers']['X-Real-Ip'])
self.assertRegex(scrubbed['headers']['Cookies'], r'\*+')
self.assertRegex(scrubbed['headers']['Authorization'], r'\*+')
def test_webob_request_data(self):
import webob
request = webob.Request.blank('/the/path?q=hello&password=hunter2',
base_url='http://example.com',
headers={'X-Real-Ip': '5.6.7.8'},
POST='foo=bar&confirm_password=hunter3')
unscrubbed = rollbar._build_webob_request_data(request)
self.assertEqual(unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2')
self.assertEqual(unscrubbed['user_ip'], '5.6.7.8')
self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'})
self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******'})
scrubbed = rollbar._scrub_request_data(unscrubbed)
self.assertTrue(
# order might get switched; that's ok
scrubbed['url'] == 'http://example.com/the/path?q=hello&password=-------'
or
scrubbed['url'] == 'http://example.com/the/path?password=-------&q=hello'
)
self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'})
self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******'})
def test_scrub_webob_request_data(self):
rollbar._initialized = False
rollbar.init(_test_access_token, locals={'enabled': True}, dummy_key='asdf', handler='blocking', timeout=12345,
scrub_fields=rollbar.SETTINGS['scrub_fields'] + ['token', 'secret', 'cookies', 'authorization'])
import webob
request = webob.Request.blank('/the/path?q=hello&password=hunter2',
base_url='http://example.com',
headers={
'X-Real-Ip': '5.6.7.8',
'Cookies': 'name=value; password=hash;',
'Authorization': 'I am from NSA'
},
POST='foo=bar&confirm_password=hunter3&token=secret')
unscrubbed = rollbar._build_webob_request_data(request)
self.assertEqual(unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2')
self.assertEqual(unscrubbed['user_ip'], '5.6.7.8')
self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'})
self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******', 'token': 'secret'})
self.assertEqual('5.6.7.8', unscrubbed['headers']['X-Real-Ip'])
self.assertEqual('name=value; password=hash;', unscrubbed['headers']['Cookies'])
self.assertEqual('I am from NSA', unscrubbed['headers']['Authorization'])
scrubbed = rollbar._transform(unscrubbed)
self.assertRegex(scrubbed['url'], r'http://example.com/the/path\?(q=hello&password=-+)|(password=-+&q=hello)')
self.assertEqual(scrubbed['GET']['q'], 'hello')
self.assertRegex(scrubbed['GET']['password'], r'\*+')
self.assertEqual(scrubbed['POST']['foo'], 'bar')
self.assertRegex(scrubbed['POST']['confirm_password'], r'\*+')
self.assertRegex(scrubbed['POST']['token'], r'\*+')
self.assertEqual('5.6.7.8', scrubbed['headers']['X-Real-Ip'])
self.assertRegex(scrubbed['headers']['Cookies'], r'\*+')
self.assertRegex(scrubbed['headers']['Authorization'], r'\*+')
def test_webob_request_data(self):
import webob
request = webob.Request.blank('/the/path?q=hello&password=hunter2',
base_url='http://example.com',
headers={'X-Real-Ip': '5.6.7.8'},
POST='foo=bar&confirm_password=hunter3')
unscrubbed = rollbar._build_webob_request_data(request)
self.assertEqual(
unscrubbed['url'],
'http://example.com/the/path?q=hello&password=hunter2')
self.assertEqual(unscrubbed['user_ip'], '5.6.7.8')
self.assertDictEqual(unscrubbed['GET'], {
'q': 'hello',
'password': '******'
})
self.assertDictEqual(unscrubbed['POST'], {
'foo': 'bar',
'confirm_password': '******'
})
scrubbed = rollbar._scrub_request_data(unscrubbed)
self.assertTrue(
# order might get switched; that's ok
scrubbed['url']
== 'http://example.com/the/path?q=hello&password=-------'
or scrubbed['url']
== 'http://example.com/the/path?password=-------&q=hello')
self.assertDictEqual(unscrubbed['GET'], {
'q': 'hello',
'password': '******'
})
self.assertDictEqual(unscrubbed['POST'], {
'foo': 'bar',
'confirm_password': '******'
})
