feat(safety): option to enable additional scrubbing for discord ids

Aiko-IT-Systems · Jun 7, 2024 · 1ff19db · 1ff19db
1 parent 765ca39
commit 1ff19db
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 16 deletions.
diff --git a/DisCatSharp.Common/RegularExpressions/DiscordRegEx.cs b/DisCatSharp.Common/RegularExpressions/DiscordRegEx.cs
@@ -40,6 +40,9 @@ public static partial class DiscordRegEx
 	[GeneratedRegex(@"^<@\!?(?<id>\d+?)>$", RegexOptions.Compiled | RegexOptions.ECMAScript)]
 	public static partial Regex UserRegex();
 
+	[GeneratedRegex(@"^(?<id>\d{17,20})$", RegexOptions.Compiled | RegexOptions.ECMAScript)]
+	public static partial Regex IdRegex();
+
 	[GeneratedRegex(@"^<@\!(?<id>\d{17,20})>$", RegexOptions.Compiled | RegexOptions.ECMAScript)]
 	public static partial Regex UserWithNicknameRegex();
 

diff --git a/DisCatSharp/Clients/BaseDiscordClient.cs b/DisCatSharp/Clients/BaseDiscordClient.cs
@@ -253,21 +253,24 @@ protected BaseDiscordClient(DiscordConfiguration config)
 				MaxBreadcrumbs = this.Configuration.AttachRecentLogEntries ? 100 : 0
 			};
 
-			options.SetBeforeBreadcrumb(b
-				=> new(Utilities.StripTokens(b.Message),
-					b.Type,
-					b.Data?.Select(x => new KeyValuePair<string, string>(x.Key, Utilities.StripTokens(x.Value)))
-						.ToDictionary(x => x.Key, x => x.Value),
-					b.Category,
-					b.Level));
-
-			options.SetBeforeSendTransaction(tr =>
+			if (!this.Configuration.DisableScrubber)
 			{
-				if (tr.Request.Data is string str)
-					tr.Request.Data = Utilities.StripTokens(str);
+				options.SetBeforeBreadcrumb(b
+					=> new(Utilities.StripIds(Utilities.StripTokens(b.Message), this.Configuration.EnableDiscordIdScrubber)!,
+						b.Type!,
+						b.Data?.Select(x => new KeyValuePair<string, string>(x.Key, Utilities.StripIds(Utilities.StripTokens(x.Value), this.Configuration.EnableDiscordIdScrubber)!))
+							.ToDictionary(x => x.Key, x => x.Value),
+						b.Category,
+						b.Level));
+
+				options.SetBeforeSendTransaction(tr =>
+				{
+					if (tr.Request.Data is string str)
+						tr.Request.Data = Utilities.StripIds(Utilities.StripTokens(str), this.Configuration.EnableDiscordIdScrubber);
 
-				return tr;
-			});
+					return tr;
+				});
+			}
 
 			options.SetBeforeSend((e, _) =>
 			{

diff --git a/DisCatSharp/DiscordConfiguration.cs b/DisCatSharp/DiscordConfiguration.cs
@@ -281,6 +281,12 @@ public UdpClientFactoryDelegate UdpClientFactory
 	/// </summary>
 	public bool EnablePayloadReceivedEvent { internal get; set; } = false;
 
+	/// <summary>
+	/// <para>Whether to replace every discord-based id with <c>{DISCORD_ID}</c>.</para>
+	/// <para>Defaults to <see langword="false"/>.</para>
+	/// </summary>
+	public bool EnableDiscordIdScrubber { internal get; set; } = false;
+
 	/// <summary>
 	/// <para>Sets which exceptions to track with sentry.</para>
 	/// <para>Do not touch this unless you're developing the library.</para>
@@ -314,6 +320,12 @@ internal List<Type> TrackExceptions
 	/// </summary>
 	internal bool EnableLibraryDeveloperMode { get; set; } = false;
 
+	/// <summary>
+	/// <para>Whether to disable all safety scrubbers.</para>
+	/// <para>Can only be enabled by whitelisted developers.</para>
+	/// </summary>
+	internal bool DisableScrubber { get; set; } = false;
+
 	/// <summary>
 	/// Whether to turn sentry's debug mode on.
 	/// </summary>

diff --git a/DisCatSharp/Utilities.cs b/DisCatSharp/Utilities.cs
@@ -90,13 +90,11 @@ static Utilities()
 		VersionHeader = $"DiscordBot (https://github.com/Aiko-IT-Systems/DisCatSharp, v{vs})";
 	}
 
-
-
 	/// <summary>
 	///	Removes discord-based tokens from a given string.
 	/// </summary>
 	/// <param name="str">The string to remove the tokens from.</param>
-	/// <returns>A new string with the tokens replaced with <c>{KEY_TOKEN}</c></returns>
+	/// <returns>A new string with the tokens replaced with <c>{WEBHOOK_OR_INTERACTION_TOKEN}</c> and <c>{BOT_OR_USER_TOKEN}</c>.</returns>
 	public static string? StripTokens(string? str)
 	{
 		if (string.IsNullOrWhiteSpace(str))
@@ -108,6 +106,21 @@ static Utilities()
 		return str;
 	}
 
+	/// <summary>
+	/// Removes discord-based ids from a given string.
+	/// </summary>
+	/// <param name="str">The string to remove the ids from.</param>
+	/// <returns>A new string with the ids replaced with <c>{DISCORD_ID}</c>.</returns>
+	public static string? StripIds(string? str, bool strip)
+	{
+		if (string.IsNullOrWhiteSpace(str) || !strip)
+			return str;
+
+		str = DiscordRegEx.IdRegex().Replace(str, "{DISCORD_ID}");
+
+		return str;
+	}
+
 	/// <summary>
 	/// Adds the specified parameter to the Query String.
 	/// </summary>