Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_log_util.cc

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/http_log_util.h ('k') | net/http/http_log_util_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_log_util.h"
6
7 #include "base/strings/string_util.h"
8 #include "base/strings/stringprintf.h"
9 #include "net/http/http_auth_challenge_tokenizer.h"
10 #include "net/http/http_util.h"
11
12 namespace net {
13
14 namespace {
15
16 bool ShouldRedactChallenge(HttpAuthChallengeTokenizer* challenge) {
17 // Ignore lines with commas, as they may contain lists of schemes, and
18 // the information we want to hide is Base64 encoded, so has no commas.
19 if (challenge->challenge_text().find(',') != std::string::npos)
20 return false;
21
22 std::string scheme = base::StringToLowerASCII(challenge->scheme());
23 // Invalid input.
24 if (scheme.empty())
25 return false;
26
27 // Ignore Basic and Digest authentication challenges, as they contain
28 // public information.
29 if (scheme == "basic" || scheme == "digest")
30 return false;
31
32 return true;
33 }
34
35 } // namespace
36
37 std::string ElideHeaderValueForNetLog(NetLog::LogLevel log_level,
38 const std::string& header,
39 const std::string& value) {
40 std::string::const_iterator redact_begin = value.begin();
41 std::string::const_iterator redact_end = value.begin();
42
43 if (redact_begin == redact_end &&
44 log_level >= NetLog::LOG_STRIP_PRIVATE_DATA) {
45
46 // Note: this logic should be kept in sync with stripCookiesAndLoginInfo in
47 // chrome/browser/resources/net_internals/log_view_painter.js.
48
49 if (!base::strcasecmp(header.c_str(), "set-cookie") ||
50 !base::strcasecmp(header.c_str(), "set-cookie2") ||
51 !base::strcasecmp(header.c_str(), "cookie") ||
52 !base::strcasecmp(header.c_str(), "authorization") ||
53 !base::strcasecmp(header.c_str(), "proxy-authorization")) {
54 redact_begin = value.begin();
55 redact_end = value.end();
56 } else if (!base::strcasecmp(header.c_str(), "www-authenticate") ||
57 !base::strcasecmp(header.c_str(), "proxy-authenticate")) {
58 // Look for authentication information from data received from the server
59 // in multi-round Negotiate authentication.
60 HttpAuthChallengeTokenizer challenge(value.begin(), value.end());
61 if (ShouldRedactChallenge(&challenge)) {
62 redact_begin = challenge.params_begin();
63 redact_end = challenge.params_end();
64 }
65 }
66 }
67
68 if (redact_begin == redact_end)
69 return value;
70
71 return std::string(value.begin(), redact_begin) +
72 base::StringPrintf("[%ld bytes were stripped]",
73 static_cast<long>(redact_end - redact_begin)) +
74 std::string(redact_end, value.end());
75 }
76
77 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_log_util.h ('k') | net/http/http_log_util_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698