##// END OF EJS Templates
rhodecode-vcsserver
RSS
parse_qs: improved parsing of query string for obfuscation.
marcink -
r107:56be024b default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -39,10 +39,19 b' def test_applies_largefiles_patch_only_i'
39
39
40
40
41 @pytest.mark.parametrize('given, expected', [
41 @pytest.mark.parametrize('given, expected', [
42 ('bad', 'bad'),
43 ('query&foo=bar', 'query&foo=bar'),
44 ('equery&auth_token=bar', 'equery&auth_token=*****'),
45 ('a;b;c;query&foo=bar&auth_token=secret',
46 'a&b&c&query&foo=bar&auth_token=*****'),
47 ('', ''),
48 (None, None),
42 ('foo=bar', 'foo=bar'),
49 ('foo=bar', 'foo=bar'),
43 ('auth_token=secret', 'auth_token=*****'),
50 ('auth_token=secret', 'auth_token=*****'),
44 ('auth_token=secret&api_key=secret2', 'auth_token=*****&api_key=*****'),
51 ('auth_token=secret&api_key=secret2',
45 ('auth_token=secret&api_key=secret2&param=value', 'auth_token=*****&api_key=*****&param=value'),
52 'auth_token=*****&api_key=*****'),
53 ('auth_token=secret&api_key=secret2&param=value',
54 'auth_token=*****&api_key=*****&param=value'),
46 ])
55 ])
47 def test_obfuscate_qs(given, expected):
56 def test_obfuscate_qs(given, expected):
48 assert expected == obfuscate_qs(given)
57 assert expected == obfuscate_qs(given)
Show file before | Show file after | Hide comments
@@ -72,10 +72,14 b' class RepoFactory(object):'
72
72
73
73
74 def obfuscate_qs(query_string):
74 def obfuscate_qs(query_string):
75 if query_string is None:
76 return None
77
75 parsed = []
78 parsed = []
76 for k, v in urlparse.parse_qsl(query_string):
79 for k, v in urlparse.parse_qsl(query_string, keep_blank_values=True):
77 if k in ['auth_token', 'api_key']:
80 if k in ['auth_token', 'api_key']:
78 v = "*****"
81 v = "*****"
79 parsed.append((k, v))
82 parsed.append((k, v))
80
83
81 return '&'.join('{}={}'.format(k,v) for k,v in parsed)
84 return '&'.join('{}{}'.format(
85 k, '={}'.format(v) if v else '') for k, v in parsed)
General Comments 0
You need to be logged in to leave comments. Login now