Return 1 if redactions have been made, 0 otherwise. */
| 828 | |
| 829 | /* Return 1 if redactions have been made, 0 otherwise. */ |
| 830 | static int redact_sensitive_header(struct strbuf *header, size_t offset) |
| 831 | { |
| 832 | int ret = 0; |
| 833 | char *sensitive_header; |
| 834 | |
| 835 | if (trace_curl_redact && |
| 836 | (skip_iprefix(header->buf + offset, "Authorization:", &sensitive_header) || |
| 837 | skip_iprefix(header->buf + offset, "Proxy-Authorization:", &sensitive_header))) { |
| 838 | /* The first token is the type, which is OK to log */ |
| 839 | while (isspace(*sensitive_header)) |
| 840 | sensitive_header++; |
| 841 | while (*sensitive_header && !isspace(*sensitive_header)) |
| 842 | sensitive_header++; |
| 843 | /* Everything else is opaque and possibly sensitive */ |
| 844 | strbuf_setlen(header, sensitive_header - header->buf); |
| 845 | strbuf_addstr(header, " <redacted>"); |
| 846 | ret = 1; |
| 847 | } else if (trace_curl_redact && |
| 848 | skip_iprefix(header->buf + offset, "Cookie:", &sensitive_header)) { |
| 849 | struct strbuf redacted_header = STRBUF_INIT; |
| 850 | char *cookie; |
| 851 | |
| 852 | while (isspace(*sensitive_header)) |
| 853 | sensitive_header++; |
| 854 | |
| 855 | cookie = sensitive_header; |
| 856 | |
| 857 | while (cookie) { |
| 858 | char *equals; |
| 859 | char *semicolon = strstr(cookie, "; "); |
| 860 | if (semicolon) |
| 861 | *semicolon = 0; |
| 862 | equals = strchrnul(cookie, '='); |
| 863 | if (!equals) { |
| 864 | /* invalid cookie, just append and continue */ |
| 865 | strbuf_addstr(&redacted_header, cookie); |
| 866 | continue; |
| 867 | } |
| 868 | strbuf_add(&redacted_header, cookie, equals - cookie); |
| 869 | strbuf_addstr(&redacted_header, "=<redacted>"); |
| 870 | if (semicolon) { |
| 871 | /* |
| 872 | * There are more cookies. (Or, for some |
| 873 | * reason, the input string ends in "; ".) |
| 874 | */ |
| 875 | strbuf_addstr(&redacted_header, "; "); |
| 876 | cookie = semicolon + strlen("; "); |
| 877 | } else { |
| 878 | cookie = NULL; |
| 879 | } |
| 880 | } |
| 881 | |
| 882 | strbuf_setlen(header, sensitive_header - header->buf); |
| 883 | strbuf_addbuf(header, &redacted_header); |
| 884 | strbuf_release(&redacted_header); |
| 885 | ret = 1; |
| 886 | } |
| 887 | return ret; |
no test coverage detected