Properly obfuscate query parameters in logs (#3793)

* fix-3789 * fix3789 add unit test
parse-community · May 11, 2017 · e0be653 · e0be653
1 parent 22ba398
commit e0be653
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 0 deletions.
diff --git a/spec/CloudCodeLogger.spec.js b/spec/CloudCodeLogger.spec.js
@@ -228,3 +228,20 @@ describe("Cloud Code Logger", () => {
             .then(null, e => done.fail(JSON.stringify(e)));
   }).pend('needs more work.....');
 });
+
+it('cloud function should obfuscate password', done => {
+  const logController = new LoggerController(new WinstonLoggerAdapter());
+
+  Parse.Cloud.define('testFunction', (req, res) => {
+    res.success(1002,'verify code success');
+  });
+
+  Parse.Cloud.run('testFunction', {username:'hawk',password:'123456'})
+          .then(() => logController.getLogs({ from: Date.now() - 500, size: 1000 }))
+          .then((res) => {
+            const entry = res[0];
+            expect(entry.params.password).toMatch(/\*\*\*\*\*\*\*\*/);
+            done();
+          })
+          .then(null, e => done.fail(e));
+});
diff --git a/src/Controllers/LoggerController.js b/src/Controllers/LoggerController.js
@@ -64,6 +64,15 @@ export class LoggerController extends AdaptableController {
         }
       }
 
+      if (e.params) {
+        for (const key of Object.keys(e.params)) {
+          if (key === 'password') {
+            e.params[key] = '********';
+            break;
+          }
+        }
+      }
+
       return e;
     });
   }