search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Random cleanup around google_apis/drive and c/b/drive.
[chromium-blink-merge.git] / net / http / http_log_util.cc
blob570232fc3e75be5e049372094825c68b7de51bce
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_log_util.h"
6
7 #include "base/strings/string_util.h"
8 #include "base/strings/stringprintf.h"
9 #include "net/http/http_auth_challenge_tokenizer.h"
10 #include "net/http/http_util.h"
11
12 namespace net {
13
14 namespace {
15
16 bool ShouldRedactChallenge(HttpAuthChallengeTokenizer* challenge) {
17 // Ignore lines with commas, as they may contain lists of schemes, and
18 // the information we want to hide is Base64 encoded, so has no commas.
19 if (challenge->challenge_text().find(',') != std::string::npos)
20 return false;
21
22 std::string scheme = StringToLowerASCII(challenge->scheme());
23 // Invalid input.
24 if (scheme.empty())
25 return false;
26
27 // Ignore Basic and Digest authentication challenges, as they contain
28 // public information.
29 if (scheme == "basic" || scheme == "digest")
30 return false;
31
32 return true;
33 }
34
35 } // namespace
36
37 #if defined(SPDY_PROXY_AUTH_ORIGIN)
38 void ElideChromeProxyDirective(const std::string& header_value,
39 const std::string& directive,
40 std::string::const_iterator* redact_begin,
41 std::string::const_iterator* redact_end) {
42 HttpUtil::ValuesIterator it(header_value.begin(), header_value.end(), ',');
43 while (it.GetNext()) {
44 if (LowerCaseEqualsASCII(it.value_begin(),
45 it.value_begin() + directive.size(),
46 directive.c_str())) {
47 *redact_begin = it.value_begin();
48 *redact_end = it.value_end();
49 return;
50 }
51 }
52 }
53 #endif
54
55 std::string ElideHeaderValueForNetLog(NetLog::LogLevel log_level,
56 const std::string& header,
57 const std::string& value) {
58 std::string::const_iterator redact_begin = value.begin();
59 std::string::const_iterator redact_end = value.begin();
60 #if defined(SPDY_PROXY_AUTH_ORIGIN)
61 if (!base::strcasecmp(header.c_str(), "chrome-proxy")) {
62 ElideChromeProxyDirective(value, "sid=", &redact_begin, &redact_end);
63 }
64 #endif
65
66 if (redact_begin == redact_end &&
67 log_level >= NetLog::LOG_STRIP_PRIVATE_DATA) {
68
69 // Note: this logic should be kept in sync with stripCookiesAndLoginInfo in
70 // chrome/browser/resources/net_internals/log_view_painter.js.
71
72 if (!base::strcasecmp(header.c_str(), "set-cookie") ||
73 !base::strcasecmp(header.c_str(), "set-cookie2") ||
74 !base::strcasecmp(header.c_str(), "cookie") ||
75 !base::strcasecmp(header.c_str(), "authorization") ||
76 !base::strcasecmp(header.c_str(), "proxy-authorization")) {
77 redact_begin = value.begin();
78 redact_end = value.end();
79 } else if (!base::strcasecmp(header.c_str(), "www-authenticate") ||
80 !base::strcasecmp(header.c_str(), "proxy-authenticate")) {
81 // Look for authentication information from data received from the server
82 // in multi-round Negotiate authentication.
83 HttpAuthChallengeTokenizer challenge(value.begin(), value.end());
84 if (ShouldRedactChallenge(&challenge)) {
85 redact_begin = challenge.params_begin();
86 redact_end = challenge.params_end();
87 }
88 }
89 }
90
91 if (redact_begin == redact_end)
92 return value;
93
94 return std::string(value.begin(), redact_begin) +
95 base::StringPrintf("[%ld bytes were stripped]",
96 static_cast<long>(redact_end - redact_begin)) +
97 std::string(redact_end, value.end());
98 }
99
100 } // namespace net