def test_stacktrace(self): data = { 'stacktrace': { 'frames': [ { 'vars': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, } ] } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('stacktrace' in result) stack = result['stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 1) frame = stack['frames'][0] self.assertTrue('vars' in frame) vars = frame['vars'] self.assertTrue('foo' in vars) self.assertEquals(vars['foo'], 'bar') self.assertTrue('password' in vars) self.assertEquals(vars['password'], proc.MASK) self.assertTrue('the_secret' in vars) self.assertEquals(vars['the_secret'], proc.MASK) self.assertTrue('a_password_here' in vars) self.assertEquals(vars['a_password_here'], proc.MASK)
def test_non_utf8_encoding(self): data = { 'http': { 'query_string': six.b('broken=') + u"aéöüa".encode('latin-1') } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) assert result['http']['query_string'] == u'broken=a\ufffd\ufffd\ufffda'
def test_post_as_string(self): data = { 'http': { 'data': six.b('password=evil&api_key=evil&harmless=bar'), } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('http' in result) http = result['http'] assert 'evil' not in force_text(http['data'])
def test_post_as_string(self): data = { 'http': { 'data': six.b('password=evil&api_key=evil&harmless=bar'), } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('http' in result) http = result['http'] assert 'evil' not in force_text(http['data'])
def test_querystring_as_string(self): data = { 'http': { 'query_string': 'foo=bar&password=hello&the_secret=hello&a_password_here=hello', } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('http' in result) http = result['http'] self.assertEquals(http['query_string'], 'foo=bar&password=%(m)s&the_secret=%(m)s&a_password_here=%(m)s' % dict(m=proc.MASK))
def test_querystring_as_string_with_partials(self): data = { 'http': { 'query_string': 'foo=bar&password&baz=bar', } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('http' in result) http = result['http'] self.assertEquals(http['query_string'], 'foo=bar&password&baz=bar' % dict(m=proc.MASK))
def test_http(self): data = { 'http': { 'data': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, 'env': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, 'headers': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, 'cookies': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('http' in result) http = result['http'] for n in ('data', 'env', 'headers', 'cookies'): self.assertTrue(n in http) vars = http[n] self.assertTrue('foo' in vars) self.assertEquals(vars['foo'], 'bar') self.assertTrue('password' in vars) self.assertEquals(vars['password'], proc.MASK) self.assertTrue('the_secret' in vars) self.assertEquals(vars['the_secret'], proc.MASK) self.assertTrue('a_password_here' in vars) self.assertEquals(vars['a_password_here'], proc.MASK)