From 7d762593f6bd45b4a21f63a6ca72d281f530b818 Mon Sep 17 00:00:00 2001
From: firest
Date: Mon, 20 Feb 2023 12:20:27 +0800
Subject: [PATCH] fix(connector): redact the http body in error logs for security reasons
---
 apps/emqx_connector/src/emqx_connector_http.erl | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/apps/emqx_connector/src/emqx_connector_http.erl b/apps/emqx_connector/src/emqx_connector_http.erl
index 7d91e18b9..29d5136bb 100644
--- a/apps/emqx_connector/src/emqx_connector_http.erl
+++ b/apps/emqx_connector/src/emqx_connector_http.erl
@@ -328,15 +328,17 @@ on_query(
 {ok, StatusCode, Headers} ->
 ?SLOG(error, #{
 msg => "http connector do request, received error response",
- request => redact(NRequest),
+ note => "the body will be redacted due to security reasons",
+ request => redact_request(NRequest),
 connector => InstId,
 status_code => StatusCode
 }),
 {error, #{status_code => StatusCode, headers => Headers}};
 {ok, StatusCode, Headers, Body} ->
 ?SLOG(error, #{
- msg => "http connector do request, received error response",
- request => redact(NRequest),
+ msg => "http connector do request, received error response.",
+ note => "the body will be redacted due to security reasons",
+ request => redact_request(NRequest),
 connector => InstId,
 status_code => StatusCode
 }),
@@ -601,6 +603,15 @@ is_sensitive_key(_) ->
 redact(Data) ->
 emqx_misc:redact(Data, fun is_sensitive_key/1).
+%% because the body may contain some sensitive data
+%% and at the same time the redact function will not scan the binary data
+%% and we also can't know the body format and where the sensitive data will be
+%% so the easy way to keep data security is redacted the whole body
+redact_request({Path, Headers}) ->
+ {Path, redact(Headers)};
+redact_request({Path, Headers, _Body}) ->
+ {Path, redact(Headers), <<"******">>}.
+
 -ifdef(TEST).
 -include_lib("eunit/include/eunit.hrl").
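Review bot: In the `on_query` hunk the `msg` string of the `{ok, StatusCode, Headers, Body}` branch now ends with a period while the `{ok, StatusCode, Headers}` branch keeps the old text, so a log search or alert keyed on `msg` will match only one of the two error paths; keep both as `msg => "http connector do request, received error response",`. Separately, the context line `{error, #{status_code => StatusCode, headers => Headers}}` hands the response headers back unredacted, so if a caller logs that reason a similar exposure may remain on the response side, which is worth confirming. The enclosing case expression in `on_query` starts and ends outside this hunk.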
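Review bot: `redact_request/1` in the second hunk passes `Path` through untouched, so anything secret carried in the URL (for example a token in a query string) is still written to the error log; the comment's argument that the location of sensitive data in the body is unknowable applies to the query string as well. Either drop the query part before logging or state the limitation in the comment, e.g. `%% NOTE: Path is logged as-is, so credentials must not be placed in the URL`. The function has clauses only for the 2- and 3-tuple shapes, so any other `NRequest` shape would raise `function_clause` from inside the error-logging path; if that is intended, a `-spec` naming the two accepted shapes would make it explicit. The `-ifdef(TEST)` section that follows gains no case for the new function in this hunk, and an EUnit assertion that the third element comes back as `<<"******">>` would pin the behaviour.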