def test_webob_request_data(self): rollbar.SETTINGS['scrub_fields'].extend(['token', 'secret', 'cookies', 'authorization']) import webob request = webob.Request.blank('/the/path?q=hello&password=hunter2', base_url = 'http://example.com', headers = { 'X-Real-Ip': '5.6.7.8', 'Cookies': 'name=value; password=hash;', 'Authorization': 'I am from NSA' }, POST = 'foo=bar&confirm_password=hunter3&token=secret') unscrubbed = rollbar._build_webob_request_data(request) self.assertEqual(unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2') self.assertEqual(unscrubbed['user_ip'], '5.6.7.8') self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'}) self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******', 'token': 'secret'}) self.assertEqual('5.6.7.8', unscrubbed['headers']['X-Real-Ip']) self.assertEqual('name=value; password=hash;', unscrubbed['headers']['Cookies']) self.assertEqual('I am from NSA', unscrubbed['headers']['Authorization']) scrubbed = rollbar._scrub_request_data(unscrubbed) self.assertTrue( # order might get switched; that's ok scrubbed['url'] == 'http://example.com/the/path?q=hello&password=-------' or scrubbed['url'] == 'http://example.com/the/path?password=-------&q=hello' ) self.assertDictEqual(scrubbed['GET'], {'q': 'hello', 'password': '******'}) self.assertDictEqual(scrubbed['POST'], {'foo': 'bar', 'confirm_password': '******', 'token': '******'}) self.assertEqual('5.6.7.8', scrubbed['headers']['X-Real-Ip']) self.assertEqual('**************************', scrubbed['headers']['Cookies']) self.assertEqual('*************', scrubbed['headers']['Authorization'])
def test_webob_request_data(self): rollbar.SETTINGS["scrub_fields"].extend(["token", "secret", "cookies", "authorization"]) import webob request = webob.Request.blank( "/the/path?q=hello&password=hunter2", base_url="http://example.com", headers={"X-Real-Ip": "5.6.7.8", "Cookies": "name=value; password=hash;", "Authorization": "I am from NSA"}, POST="foo=bar&confirm_password=hunter3&token=secret", ) unscrubbed = rollbar._build_webob_request_data(request) self.assertEqual(unscrubbed["url"], "http://example.com/the/path?q=hello&password=hunter2") self.assertEqual(unscrubbed["user_ip"], "5.6.7.8") self.assertDictEqual(unscrubbed["GET"], {"q": "hello", "password": "******"}) self.assertDictEqual(unscrubbed["POST"], {"foo": "bar", "confirm_password": "******", "token": "secret"}) self.assertEqual("5.6.7.8", unscrubbed["headers"]["X-Real-Ip"]) self.assertEqual("name=value; password=hash;", unscrubbed["headers"]["Cookies"]) self.assertEqual("I am from NSA", unscrubbed["headers"]["Authorization"]) scrubbed = rollbar._scrub_request_data(unscrubbed) self.assertTrue( # order might get switched; that's ok scrubbed["url"] == "http://example.com/the/path?q=hello&password=-------" or scrubbed["url"] == "http://example.com/the/path?password=-------&q=hello" ) self.assertDictEqual(scrubbed["GET"], {"q": "hello", "password": "******"}) self.assertDictEqual(scrubbed["POST"], {"foo": "bar", "confirm_password": "******", "token": "******"}) self.assertEqual("5.6.7.8", scrubbed["headers"]["X-Real-Ip"]) self.assertEqual("**************************", scrubbed["headers"]["Cookies"]) self.assertEqual("*************", scrubbed["headers"]["Authorization"])
def test_scrub_webob_request_data(self): rollbar._initialized = False rollbar.init(_test_access_token, locals={'enabled': True}, dummy_key='asdf', handler='blocking', timeout=12345, scrub_fields=rollbar.SETTINGS['scrub_fields'] + ['token', 'secret', 'cookies', 'authorization']) import webob request = webob.Request.blank( '/the/path?q=hello&password=hunter2', base_url='http://example.com', headers={ 'X-Real-Ip': '5.6.7.8', 'Cookies': 'name=value; password=hash;', 'Authorization': 'I am from NSA' }, POST='foo=bar&confirm_password=hunter3&token=secret') unscrubbed = rollbar._build_webob_request_data(request) self.assertEqual( unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2') self.assertEqual(unscrubbed['user_ip'], '5.6.7.8') self.assertDictEqual(unscrubbed['GET'], { 'q': 'hello', 'password': '******' }) self.assertDictEqual(unscrubbed['POST'], { 'foo': 'bar', 'confirm_password': '******', 'token': 'secret' }) self.assertEqual('5.6.7.8', unscrubbed['headers']['X-Real-Ip']) self.assertEqual('name=value; password=hash;', unscrubbed['headers']['Cookies']) self.assertEqual('I am from NSA', unscrubbed['headers']['Authorization']) scrubbed = rollbar._transform(unscrubbed) self.assertRegex( scrubbed['url'], r'http://example.com/the/path\?(q=hello&password=-+)|(password=-+&q=hello)' ) self.assertEqual(scrubbed['GET']['q'], 'hello') self.assertRegex(scrubbed['GET']['password'], r'\*+') self.assertEqual(scrubbed['POST']['foo'], 'bar') self.assertRegex(scrubbed['POST']['confirm_password'], r'\*+') self.assertRegex(scrubbed['POST']['token'], r'\*+') self.assertEqual('5.6.7.8', scrubbed['headers']['X-Real-Ip']) self.assertRegex(scrubbed['headers']['Cookies'], r'\*+') self.assertRegex(scrubbed['headers']['Authorization'], r'\*+')
def test_webob_request_data(self): import webob request = webob.Request.blank('/the/path?q=hello&password=hunter2', base_url='http://example.com', headers={'X-Real-Ip': '5.6.7.8'}, POST='foo=bar&confirm_password=hunter3') unscrubbed = rollbar._build_webob_request_data(request) self.assertEqual(unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2') self.assertEqual(unscrubbed['user_ip'], '5.6.7.8') self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'}) self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******'}) scrubbed = rollbar._scrub_request_data(unscrubbed) self.assertTrue( # order might get switched; that's ok scrubbed['url'] == 'http://example.com/the/path?q=hello&password=-------' or scrubbed['url'] == 'http://example.com/the/path?password=-------&q=hello' ) self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'}) self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******'})
def test_scrub_webob_request_data(self): rollbar._initialized = False rollbar.init(_test_access_token, locals={'enabled': True}, dummy_key='asdf', handler='blocking', timeout=12345, scrub_fields=rollbar.SETTINGS['scrub_fields'] + ['token', 'secret', 'cookies', 'authorization']) import webob request = webob.Request.blank('/the/path?q=hello&password=hunter2', base_url='http://example.com', headers={ 'X-Real-Ip': '5.6.7.8', 'Cookies': 'name=value; password=hash;', 'Authorization': 'I am from NSA' }, POST='foo=bar&confirm_password=hunter3&token=secret') unscrubbed = rollbar._build_webob_request_data(request) self.assertEqual(unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2') self.assertEqual(unscrubbed['user_ip'], '5.6.7.8') self.assertDictEqual(unscrubbed['GET'], {'q': 'hello', 'password': '******'}) self.assertDictEqual(unscrubbed['POST'], {'foo': 'bar', 'confirm_password': '******', 'token': 'secret'}) self.assertEqual('5.6.7.8', unscrubbed['headers']['X-Real-Ip']) self.assertEqual('name=value; password=hash;', unscrubbed['headers']['Cookies']) self.assertEqual('I am from NSA', unscrubbed['headers']['Authorization']) scrubbed = rollbar._transform(unscrubbed) self.assertRegex(scrubbed['url'], r'http://example.com/the/path\?(q=hello&password=-+)|(password=-+&q=hello)') self.assertEqual(scrubbed['GET']['q'], 'hello') self.assertRegex(scrubbed['GET']['password'], r'\*+') self.assertEqual(scrubbed['POST']['foo'], 'bar') self.assertRegex(scrubbed['POST']['confirm_password'], r'\*+') self.assertRegex(scrubbed['POST']['token'], r'\*+') self.assertEqual('5.6.7.8', scrubbed['headers']['X-Real-Ip']) self.assertRegex(scrubbed['headers']['Cookies'], r'\*+') self.assertRegex(scrubbed['headers']['Authorization'], r'\*+')
def test_webob_request_data(self): import webob request = webob.Request.blank('/the/path?q=hello&password=hunter2', base_url='http://example.com', headers={'X-Real-Ip': '5.6.7.8'}, POST='foo=bar&confirm_password=hunter3') unscrubbed = rollbar._build_webob_request_data(request) self.assertEqual( unscrubbed['url'], 'http://example.com/the/path?q=hello&password=hunter2') self.assertEqual(unscrubbed['user_ip'], '5.6.7.8') self.assertDictEqual(unscrubbed['GET'], { 'q': 'hello', 'password': '******' }) self.assertDictEqual(unscrubbed['POST'], { 'foo': 'bar', 'confirm_password': '******' }) scrubbed = rollbar._scrub_request_data(unscrubbed) self.assertTrue( # order might get switched; that's ok scrubbed['url'] == 'http://example.com/the/path?q=hello&password=-------' or scrubbed['url'] == 'http://example.com/the/path?password=-------&q=hello') self.assertDictEqual(unscrubbed['GET'], { 'q': 'hello', 'password': '******' }) self.assertDictEqual(unscrubbed['POST'], { 'foo': 'bar', 'confirm_password': '******' })