lib/timber/util/http_event.rb in timber-2.0.24 vs lib/timber/util/http_event.rb in timber-2.1.0.rc1
- old
+ new
@@ -1,9 +1,11 @@
module Timber
module Util
+ # Utility module for dealing with HTTP events {Events::HTTPServerRequest},
+ # {Events::HTTPServerResponse}, {Events::HTTPClientRequest}, {Events::HTTPClientResponse}.
module HTTPEvent
- AUTHORIZATION_HEADER = 'authorization'.freeze
+ HEADERS_TO_SANITIZE = ['authorization', 'x-amz-security-token'].freeze
QUERY_STRING_LIMIT = 5_000.freeze
STRING_CLASS_NAME = 'String'.freeze
extend self
@@ -13,18 +15,28 @@
else
path
end
end
+ # Normalizes the body. If limit if passed it will truncate the body to that limit.
def normalize_body(body)
if body.respond_to?(:body)
body = body.body.to_s
end
- body[0..(Config.instance.http_body_limit - 1)]
+ limit = Config.instance.http_body_limit
+ if limit
+ body[0..(limit - 1)]
+ else
+ body
+ end
end
+ # Normalizes headers to:
+ #
+ # 1. Ensure the value is UTF8, this will otherwise throw errors upon capturing.
+ # 2. Sanitize sensitive headers such as `Authorization` or custom headers specified in
def normalize_headers(headers)
if headers.is_a?(::Hash)
h = headers.each_with_object({}) do |(k, v), h|
# Force the header into a valid UTF-8 string, otherwise we will encounter
# encoding issues when we serialize this data. Moreoever, if the
@@ -44,16 +56,17 @@
else
h[k] = v
end
end
- keys_to_sanitize = [AUTHORIZATION_HEADER] + (Config.instance.header_filters || [])
+ keys_to_sanitize = HEADERS_TO_SANITIZE + (Config.instance.http_header_filters || [])
Util::Hash.sanitize(h, keys_to_sanitize)
else
headers
end
end
+ # Normalizes the HTTP method into an uppercase string.
def normalize_method(method)
method.is_a?(::String) ? method.upcase : method
end
def normalize_query_string(query_string)
\ No newline at end of file