fix: redact headers, cookies, url params in har file (#22595)

fix: redact headers, cookies, url params in har file Signed-off-by: David Kwon <[email protected]>
eclipse-che · Oct 12, 2023 · 9cd8def · 9cd8def
1 parent 080f22f
commit 9cd8def
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 0 deletions.
diff --git a/tests/e2e/utils/CheReporter.ts b/tests/e2e/utils/CheReporter.ts
@@ -181,12 +181,44 @@ class CheReporter extends mocha.reporters.Spec {
 			const networkLogsEntries: logging.Entry[] = await this.driverHelper.getDriver().manage().logs().get('performance');
 			const events: any[] = networkLogsEntries.map((entry): any[] => JSON.parse(entry.message).message);
 			const har: any = chromeHar.harFromMessages(events, { includeTextFromResponseBody: true });
+			this.redactHarContent(har);
+
 			const networkLogsStream: WriteStream = fs.createWriteStream(harFileName);
 			networkLogsStream.write(Buffer.from(JSON.stringify(har)), (): void => {
 				networkLogsStream.end();
 			});
 		});
 	}
+
+	redactHarContent(har: any): void {
+		har.log?.entries?.forEach((entry: any): void => {
+			let text: string | undefined = entry.request?.postData?.text;
+			if (text) {
+				text = StringUtil.updateUrlQueryValue(text, 'csrf', '<REDACTED>');
+				text = StringUtil.updateUrlQueryValue(text, 'username', '<REDACTED>');
+				entry.request.postData.text = StringUtil.updateUrlQueryValue(text, 'password', '<REDACTED>');
+			}
+
+			const cookies: any = entry.request?.cookies;
+			if (cookies) {
+				cookies.forEach((cookie: any): void => {
+					if (cookie.name?.startsWith('_oauth_proxy')) {
+						cookie.value = '<REDACTED>';
+					}
+				});
+			}
+
+			const headers: any = entry.request?.headers;
+			if (headers) {
+				headers.forEach((header: any): void => {
+					if (header.name?.toLowerCase() === 'cookie') {
+						header.value = StringUtil.updateCookieValue(header.value, '_oauth_proxy', '<REDACTED>');
+						header.value = StringUtil.updateCookieValue(header.value, '_oauth_proxy_csrf', '<REDACTED>');
+					}
+				});
+			}
+		});
+	}
 }
 
 export = CheReporter;
diff --git a/tests/e2e/utils/StringUtil.ts b/tests/e2e/utils/StringUtil.ts
@@ -59,4 +59,32 @@ export class StringUtil {
 
 		return command.replace(/[{}]/g, '').replace(/(?<!")\${?[a-zA-Z0-9_+\-\s]+\b}?/gm, '"$&"');
 	}
+
+	/**
+	 * replaces the cookie value of the specified cookie
+	 * @param cookie cookie names and values, seperated with ;
+	 * @param name name of cookie to replace its value for
+	 * @param replaceStr the new value of the cookie
+	 * @return updated cookie string with the cookie value replaced
+	 */
+	static updateCookieValue(cookie: string, name: string, replaceStr: string): string {
+		Logger.trace();
+
+		const regex: RegExp = new RegExp(`(${name})=[^;]+`, 'g');
+		return cookie.replace(regex, `$1=${replaceStr}`);
+	}
+
+	/**
+	 * replaces the query value of the specified query
+	 * @param queryString query string (ie. query=value&query2=value2)
+	 * @param name name of the query to replace
+	 * @param replaceStr new query value
+	 * @returns updated queryString with the query value replaced
+	 */
+	static updateUrlQueryValue(queryString: string, name: string, replaceStr: string): string {
+		Logger.trace();
+
+		const regex: RegExp = new RegExp(`(${name})=[^&]+`, 'g');
+		return queryString.replace(regex, `$1=${replaceStr}`);
+	}
 }