forked from grafana/grafana
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathuri_sanitize.go
54 lines (47 loc) · 1.04 KB
/
uri_sanitize.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package util
import (
"fmt"
"net/url"
"strings"
)
const masking = "hidden"
var sensitiveQueryChecks = map[string]func(key string, urlValues url.Values) bool{
"auth_token": func(key string, urlValues url.Values) bool {
return true
},
"x-amz-signature": func(key string, urlValues url.Values) bool {
return true
},
"x-goog-signature": func(key string, urlValues url.Values) bool {
return true
},
"sig": func(key string, urlValues url.Values) bool {
for k := range urlValues {
if strings.ToLower(k) == "sv" {
return true
}
}
return false
},
}
func SanitizeURI(s string) (string, error) {
if s == "" {
return s, nil
}
u, err := url.ParseRequestURI(s)
if err != nil {
return "", fmt.Errorf("failed to sanitize URL")
}
// strip out sensitive query strings
urlValues := u.Query()
for key := range urlValues {
lk := strings.ToLower(key)
if checker, ok := sensitiveQueryChecks[lk]; ok {
if checker(key, urlValues) {
urlValues.Set(key, masking)
}
}
}
u.RawQuery = urlValues.Encode()
return u.String(), nil
}