bugdown: Hide alphanumeric characters in exception logs, for privacy

(imported from commit 39481494b7910307f56e566035c1b464c83d196e)
This commit is contained in:
Keegan McAllister 2012-10-25 15:38:47 -04:00
parent 451a041919
commit 1d4f339eae

View File

@ -1,6 +1,7 @@
import markdown
import logging
import traceback
import re
from zephyr.lib.avatar import gravatar_hash
from zephyr.lib.bugdown import codehilite
@ -42,6 +43,16 @@ MAX_MD_ENGINE_USES = 30
_md_engine = None
_use_count = 0
# We want to log Markdown parser failures, but shouldn't log the actual input
# message for privacy reasons. The compromise is to replace all alphanumeric
# characters with 'x'.
#
# We also use repr() to improve reproducibility, and to escape terminal control
# codes, which can do surprisingly nasty things.
_privacy_re = re.compile(r'\w', flags=re.UNICODE)
def _sanitize_for_log(md):
return repr(_privacy_re.sub('x', md))
def _linkify(match):
url = match.group('url')
return ' [%s](%s) ' % (url, url)
@ -62,14 +73,9 @@ def convert(md):
html = _md_engine.convert(md)
except:
# FIXME: Do something more reasonable here!
#
# NB: For security, we must not print the bare Markdown input.
# It could contain terminal control codes, which can do
# surprisingly nasty things.
html = '<p>[Humbug note: Sorry, we could not understand the formatting of your message]</p>'
logging.getLogger('').error('Exception in Markdown parser: %sInput was: %s'
% (traceback.format_exc(), repr(md)))
logging.getLogger('').error('Exception in Markdown parser: %sInput (sanitized) was: %s'
% (traceback.format_exc(), _sanitize_for_log(md)))
_use_count += 1
if _use_count >= MAX_MD_ENGINE_USES: