def test_stacktrace(self): data = { 'sentry.interfaces.Stacktrace': { 'frames': [{ 'vars': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, }] } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Stacktrace' in result) stack = result['sentry.interfaces.Stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 1) frame = stack['frames'][0] self.assertTrue('vars' in frame) vars = frame['vars'] self.assertTrue('foo' in vars) self.assertEquals(vars['foo'], 'bar') self.assertTrue('password' in vars) self.assertEquals(vars['password'], proc.MASK) self.assertTrue('the_secret' in vars) self.assertEquals(vars['the_secret'], proc.MASK) self.assertTrue('a_password_here' in vars) self.assertEquals(vars['a_password_here'], proc.MASK)
def test_stacktrace(self): data = { 'sentry.interfaces.Stacktrace': { 'frames': [ { 'vars': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, } ] } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Stacktrace' in result) stack = result['sentry.interfaces.Stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 1) frame = stack['frames'][0] self.assertTrue('vars' in frame) vars = frame['vars'] self.assertTrue('foo' in vars) self.assertEquals(vars['foo'], 'bar') self.assertTrue('password' in vars) self.assertEquals(vars['password'], proc.MASK) self.assertTrue('the_secret' in vars) self.assertEquals(vars['the_secret'], proc.MASK) self.assertTrue('a_password_here' in vars) self.assertEquals(vars['a_password_here'], proc.MASK)
def test_extra(self): data = get_extra_data() proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('extra' in result) extra = result['extra'] self._check_vars_sanitized(extra, proc)
def test_cookie_as_string_with_partials(self): data = get_http_data() data['request']['cookies'] = 'foo=bar;password;baz=bar' proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('request' in result) http = result['request'] self.assertEquals(http['cookies'], 'foo=bar;password;baz=bar' % dict(m=proc.MASK))
def test_cookie_as_string_with_partials(self): data = get_http_data() data["request"]["cookies"] = "foo=bar;password;baz=bar" proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue("request" in result) http = result["request"] self.assertEquals(http["cookies"], "foo=bar;password;baz=bar" % dict(m=proc.MASK))
def test_http(self): data = get_http_data() proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('request' in result) http = result['request'] for n in ('data', 'env', 'headers', 'cookies'): self.assertTrue(n in http) self._check_vars_sanitized(http[n], proc)
def test_http(self): data = get_http_data() proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue("request" in result) http = result["request"] for n in ("data", "env", "headers", "cookies"): self.assertTrue(n in http) self._check_vars_sanitized(http[n], proc)
def test_querystring_as_string(self): data = { 'sentry.interfaces.Http': { 'query_string': 'foo=bar&password=hello&the_secret=hello&a_password_here=hello', } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Http' in result) http = result['sentry.interfaces.Http'] self.assertEquals(http['query_string'], 'foo=bar&password=%(m)s&the_secret=%(m)s&a_password_here=%(m)s' % dict(m=proc.MASK))
def test_cookie_as_string(self): data = get_http_data() data['request']['cookies'] = 'foo=bar;password=hello;the_secret=hello'\ ';a_password_here=hello;api_key=secret_key' proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('request' in result) http = result['request'] self.assertEquals( http['cookies'], 'foo=bar;password=%(m)s;the_secret=%(m)s' ';a_password_here=%(m)s;api_key=%(m)s' % dict(m=proc.MASK))
def test_querystring_as_string(self): data = get_http_data() data['request']['query_string'] = 'foo=bar&password=hello&the_secret=hello'\ '&a_password_here=hello&api_key=secret_key' proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('request' in result) http = result['request'] self.assertEquals( http['query_string'], 'foo=bar&password=%(m)s&the_secret=%(m)s' '&a_password_here=%(m)s&api_key=%(m)s' % dict(m=proc.MASK))
def test_querystring_as_string_with_partials(self): data = { 'sentry.interfaces.Http': { 'query_string': 'foo=bar&password&baz=bar', } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Http' in result) http = result['sentry.interfaces.Http'] self.assertEquals(http['query_string'], 'foo=bar&password&baz=bar' % dict(m=proc.MASK))
def test_cookie_as_string(self): data = get_http_data() data["request"]["cookies"] = ( "foo=bar;password=hello;the_secret=hello" ";a_password_here=hello;api_key=secret_key" ) proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue("request" in result) http = result["request"] self.assertEquals( http["cookies"], "foo=bar;password=%(m)s;the_secret=%(m)s" ";a_password_here=%(m)s;api_key=%(m)s" % dict(m=proc.MASK), )
def test_http(self): data = { 'sentry.interfaces.Http': { 'data': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, 'env': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, 'headers': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, 'cookies': { 'foo': 'bar', 'password': '******', 'the_secret': 'hello', 'a_password_here': 'hello', }, } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Http' in result) http = result['sentry.interfaces.Http'] for n in ('data', 'env', 'headers', 'cookies'): self.assertTrue(n in http) vars = http[n] self.assertTrue('foo' in vars) self.assertEquals(vars['foo'], 'bar') self.assertTrue('password' in vars) self.assertEquals(vars['password'], proc.MASK) self.assertTrue('the_secret' in vars) self.assertEquals(vars['the_secret'], proc.MASK) self.assertTrue('a_password_here' in vars) self.assertEquals(vars['a_password_here'], proc.MASK)
def test_stacktrace(self): data = { 'sentry.interfaces.Stacktrace': { 'frames': [{'vars': VARS}], } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Stacktrace' in result) stack = result['sentry.interfaces.Stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 1) frame = stack['frames'][0] self.assertTrue('vars' in frame) self._check_vars_sanitized(frame['vars'], proc)
def test_http(self): data = { 'sentry.interfaces.Http': { 'data': VARS, 'env': VARS, 'headers': VARS, 'cookies': VARS, } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('sentry.interfaces.Http' in result) http = result['sentry.interfaces.Http'] for n in ('data', 'env', 'headers', 'cookies'): self.assertTrue(n in http) self._check_vars_sanitized(http[n], proc)
def test_stacktrace(self): data = { 'stacktrace': { 'frames': [{ 'vars': VARS }], } } proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) self.assertTrue('stacktrace' in result) stack = result['stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 1) frame = stack['frames'][0] self.assertTrue('vars' in frame) self._check_vars_sanitized(frame['vars'], proc)
def test_stacktrace(self, *args, **kwargs): """ Check whether sensitive variables are properly stripped from stack-trace messages. """ data = get_stack_trace_data_real() proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) # data['exception']['values'][0]['stacktrace']['frames'][0]['vars'] self.assertTrue('exception' in result) exception = result['exception'] self.assertTrue('values' in exception) values = exception['values'] stack = values[0]['stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 2) frame = stack['frames'][1] # frame of will_throw_type_error() self.assertTrue('vars' in frame) self._check_vars_sanitized(frame['vars'], proc)
def test_stacktrace(self, *args, **kwargs): """ Check whether sensitive variables are properly stripped from stack-trace messages. """ data = get_stack_trace_data_real() proc = SanitizePasswordsProcessor(Mock()) result = proc.process(data) # data['exception']['values'][-1]['stacktrace']['frames'][0]['vars'] self.assertTrue('exception' in result) exception = result['exception'] self.assertTrue('values' in exception) values = exception['values'] stack = values[-1]['stacktrace'] self.assertTrue('frames' in stack) self.assertEquals(len(stack['frames']), 2) frame = stack['frames'][1] # frame of will_throw_type_error() self.assertTrue('vars' in frame) self._check_vars_sanitized(frame['vars'], proc)
def test_sanitize_bytes(self): proc = SanitizePasswordsProcessor(Mock()) data = {'data': b'password=1234'} result = proc.filter_http(data) self.assertIn(data['data'], 'password=%s' % proc.MASK)
def test_sanitize_non_ascii(self): proc = SanitizePasswordsProcessor(Mock()) result = proc.sanitize('__repr__: жили-были', '42') self.assertEquals(result, '42')
def test_sanitize_credit_card_amex(self): # AMEX numbers are 15 digits, not 16 proc = SanitizePasswordsProcessor(Mock()) result = proc.sanitize('foo', '424242424242424') self.assertEquals(result, proc.MASK)
def test_sanitize_credit_card(self): proc = SanitizePasswordsProcessor(Mock()) result = proc.sanitize('foo', '4242424242424242') self.assertEquals(result, proc.MASK)