Make http.server request logging more verbose, but redact access_tokens

This commit is contained in:
Erik Johnston 2015-06-15 13:37:58 +01:00
parent 83f119a84a
commit f00f8346f1
1 changed files with 12 additions and 2 deletions

View File

@ -32,6 +32,7 @@ from twisted.web.util import redirectTo
import collections import collections
import logging import logging
import re
import urllib import urllib
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -82,9 +83,18 @@ def request_handler(request_handler):
code = None code = None
start = self.clock.time_msec() start = self.clock.time_msec()
try: try:
request_uri = request.uri
# Don't log access_tokens
request_uri = re.sub(
r'(\?.*access_token=)[^&]*(.*)$',
r'\1<redacted>\2',
request_uri
)
logger.info( logger.info(
"Received request: %s %s", "%s - Received request: %s %s",
request.method, request.path request.getClientIP(), request.method, request_uri
) )
d = request_handler(self, request) d = request_handler(self, request)
with PreserveLoggingContext(): with PreserveLoggingContext():