fix: hide ws_cookie from logs

2023-03-21 17:08:39 +08:00 · 2023-03-21 17:08:39 +08:00 · 3e24d287a3
parent 4bfd7dd14a
commit 3e24d287a3
4 changed files with 17 additions and 4 deletions
--- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
+++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl
@ -60,7 +60,7 @@ check(ClientInfo = #{ clientid := Clientid
    MatchSpec = ets:fun2ms(fun({?TABLE, {clientid, X}, Password, InterTime}) when X =:= Clientid-> Password;
                              ({?TABLE, {username, X}, Password, InterTime}) when X =:= Username andalso X =/= undefined -> Password
                           end),
-    Info = maps:without([password], ClientInfo),
+    Info = maps:without([password, ws_cookie], ClientInfo),
    case ets:select(?TABLE, MatchSpec) of
        [] ->
            ?LOG(debug, "[Mnesia] Auth ignored, Client: ~p", [Info]);
--- a/apps/emqx_rule_engine/test/emqx_rule_engine_jwt_worker_SUITE.erl
+++ b/apps/emqx_rule_engine/test/emqx_rule_engine_jwt_worker_SUITE.erl
@ -82,7 +82,7 @@ t_create_success(_Config) ->
        {Ref, token_created} ->
            ok
    after
-        1_000 ->
+        5_000 ->
            ct:fail("should have confirmed token creation; msgs: ~0p",
                    [process_info(self(), messages)])
    end,
--- a/src/emqx.appup.src
+++ b/src/emqx.appup.src
@ -1,8 +1,13 @@
 %% -*- mode: erlang -*-
 %% Unless you know what you are doing, DO NOT edit manually!!
 {VSN,
-  [{"4.4.15",
+  [{"4.4.16",
+    [{load_module,emqx_misc,brutal_purge,soft_purge,[]},
+     {load_module,emqx_relup,brutal_purge,soft_purge,[]},
+     {load_module,emqx_app,brutal_purge,soft_purge,[]}]},
+   {"4.4.15",
    [{load_module,emqx,brutal_purge,soft_purge,[]},
+     {load_module,emqx_misc,brutal_purge,soft_purge,[]},
     {load_module,emqx_packet,brutal_purge,soft_purge,[]},
     {load_module,emqx_relup,brutal_purge,soft_purge,[]},
     {load_module,emqx_app,brutal_purge,soft_purge,[]}]},
@ -499,8 +504,13 @@
     {apply,{application,set_env,
                         [gen_rpc,insecure_auth_fallback_allowed,true]}}]},
   {<<".*">>,[]}],
-  [{"4.4.15",
+  [{"4.4.16",
+    [{load_module,emqx_misc,brutal_purge,soft_purge,[]},
+     {load_module,emqx_relup,brutal_purge,soft_purge,[]},
+     {load_module,emqx_app,brutal_purge,soft_purge,[]}]},
+   {"4.4.15",
    [{load_module,emqx,brutal_purge,soft_purge,[]},
+     {load_module,emqx_misc,brutal_purge,soft_purge,[]},
     {load_module,emqx_packet,brutal_purge,soft_purge,[]},
     {load_module,emqx_relup,brutal_purge,soft_purge,[]},
     {load_module,emqx_app,brutal_purge,soft_purge,[]}]},
--- a/src/emqx_misc.erl
+++ b/src/emqx_misc.erl
@ -507,6 +507,9 @@ safe_io_device() ->
            standard_error
    end.

+is_sensitive_key(ws_cookie) -> true;
+is_sensitive_key("ws_cookie") -> true;
+is_sensitive_key(<<"ws_cookie">>) -> true;
 is_sensitive_key(token) -> true;
 is_sensitive_key("token") -> true;
 is_sensitive_key(<<"token">>) -> true;