github.com/waldiirawan/apm-agent-go/v2@v2.2.2/sanitizer.go

github.com/waldiirawan/apm-agent-go/v2@v2.2.2/sanitizer.go (about)

     1  // Licensed to Elasticsearch B.V. under one or more contributor
     2  // license agreements. See the NOTICE file distributed with
     3  // this work for additional information regarding copyright
     4  // ownership. Elasticsearch B.V. licenses this file to you under
     5  // the Apache License, Version 2.0 (the "License"); you may
     6  // not use this file except in compliance with the License.
     7  // You may obtain a copy of the License at
     8  //
     9  //     http://www.apache.org/licenses/LICENSE-2.0
    10  //
    11  // Unless required by applicable law or agreed to in writing,
    12  // software distributed under the License is distributed on an
    13  // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    14  // KIND, either express or implied.  See the License for the
    15  // specific language governing permissions and limitations
    16  // under the License.
    17  
    18  package apm // import "github.com/waldiirawan/apm-agent-go/v2"
    19  
    20  import (
    21  	"github.com/waldiirawan/apm-agent-go/v2/internal/wildcard"
    22  	"github.com/waldiirawan/apm-agent-go/v2/model"
    23  )
    24  
    25  const redacted = "[REDACTED]"
    26  
    27  var redactedValues = []string{redacted}
    28  
    29  // sanitizeRequest sanitizes HTTP request data, redacting the
    30  // values of cookies, headers and forms whose corresponding keys
    31  // match any of the given wildcard patterns.
    32  func sanitizeRequest(r *model.Request, matchers wildcard.Matchers) {
    33  	for _, c := range r.Cookies {
    34  		if !matchers.MatchAny(c.Name) {
    35  			continue
    36  		}
    37  		c.Value = redacted
    38  	}
    39  	sanitizeHeaders(r.Headers, matchers)
    40  	if r.Body != nil && r.Body.Form != nil {
    41  		for key := range r.Body.Form {
    42  			if !matchers.MatchAny(key) {
    43  				continue
    44  			}
    45  			r.Body.Form[key] = redactedValues
    46  		}
    47  	}
    48  }
    49  
    50  // sanitizeResponse sanitizes HTTP response data, redacting
    51  // the values of response headers whose corresponding keys
    52  // match any of the given wildcard patterns.
    53  func sanitizeResponse(r *model.Response, matchers wildcard.Matchers) {
    54  	sanitizeHeaders(r.Headers, matchers)
    55  }
    56  
    57  func sanitizeHeaders(headers model.Headers, matchers wildcard.Matchers) {
    58  	for i := range headers {
    59  		h := &headers[i]
    60  		if !matchers.MatchAny(h.Key) || len(h.Values) == 0 || h.Key == ":authority" {
    61  			continue
    62  		}
    63  		// h.Values may hold the original value slice from a
    64  		// net/http.Request, so it's important that we do not
    65  		// modify it. Instead, just replace the values with a
    66  		// shared, immutable slice.
    67  		h.Values = redactedValues
    68  	}
    69  }