From b786f58f800918a1b7da7645d6a0806b0d9fe18a Mon Sep 17 00:00:00 2001 From: Harold Ozouf Date: Tue, 26 Sep 2023 08:28:25 +0200 Subject: [PATCH] fix: false positive in url anonymization --- go.mod | 2 +- go.sum | 8 ++++---- pkg/redactor/redactor.go | 4 +--- pkg/redactor/redactor_doOnJSON_test.go | 6 ++++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index f0e5c38da..dae6218c9 100644 --- a/go.mod +++ b/go.mod @@ -84,7 +84,7 @@ require ( k8s.io/apimachinery v0.26.3 k8s.io/client-go v0.26.3 k8s.io/utils v0.0.0-20230313181309-38a27ef9d749 - mvdan.cc/xurls/v2 v2.1.0 + mvdan.cc/xurls/v2 v2.5.0 sigs.k8s.io/gateway-api v0.4.0 ) diff --git a/go.sum b/go.sum index eaa0aa9c2..02232aa2c 100644 --- a/go.sum +++ b/go.sum @@ -1680,8 +1680,8 @@ github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYe github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= -github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= -github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/zerolog v1.4.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= @@ -2765,8 +2765,8 @@ k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20230313181309-38a27ef9d749 h1:xMMXJlJbsU8w3V5N2FLDQ8YgU8s1EoULdbQBcAeNJkY= k8s.io/utils v0.0.0-20230313181309-38a27ef9d749/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= launchpad.net/gocheck v0.0.0-20140225173054-000000000087/go.mod h1:hj7XX3B/0A+80Vse0e+BUHsHMTEhd0O4cpUHr/e/BUM= -mvdan.cc/xurls/v2 v2.1.0 h1:KaMb5GLhlcSX+e+qhbRJODnUUBvlw01jt4yrjFIHAuA= -mvdan.cc/xurls/v2 v2.1.0/go.mod h1:5GrSd9rOnKOpZaji1OZLYL/yeAAtGDlo/cFe+8K5n8E= +mvdan.cc/xurls/v2 v2.5.0 h1:lyBNOm8Wo71UknhUs4QTFUNNMyxy2JEIaKKo0RWOh+8= +mvdan.cc/xurls/v2 v2.5.0/go.mod h1:yQgaGQ1rFtJUzkmKiHYSSfuQxqfYmd//X6PxvholpeE= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= diff --git a/pkg/redactor/redactor.go b/pkg/redactor/redactor.go index c122e307c..d655a673b 100644 --- a/pkg/redactor/redactor.go +++ b/pkg/redactor/redactor.go @@ -4,7 +4,6 @@ import ( "encoding/json" "fmt" "reflect" - "regexp" "github.com/mitchellh/copystructure" "github.com/traefik/traefik/v2/pkg/config/dynamic" @@ -67,8 +66,7 @@ func do(baseConfig interface{}, tag string, redactByDefault, indent bool) (strin } func doOnJSON(input string) string { - mailExp := regexp.MustCompile(`\w[-.\w]*\w@\w[-.\w]*\w\.\w{2,3}"`) - return xurls.Relaxed().ReplaceAllString(mailExp.ReplaceAllString(input, maskLarge+"\""), maskLarge) + return xurls.Relaxed().ReplaceAllString(input, maskLarge) } func doOnStruct(field reflect.Value, tag string, redactByDefault bool) error { diff --git a/pkg/redactor/redactor_doOnJSON_test.go b/pkg/redactor/redactor_doOnJSON_test.go index e61e1975f..ddae9c579 100644 --- a/pkg/redactor/redactor_doOnJSON_test.go +++ b/pkg/redactor/redactor_doOnJSON_test.go @@ -45,13 +45,15 @@ func Test_doOnJSON_simple(t *testing.T) { "URL": "foo domain.com foo", "URL": "foo sub.domain.com foo", "URL": "foo sub.sub.domain.com foo", - "URL": "foo sub.sub.sub.domain.com.us foo" + "URL": "foo sub.sub.sub.domain.com.us foo", + "URL":"https://hub.example.com","foo":"bar" }`, expectedOutput: `{ "URL": "foo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx foo", "URL": "foo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx foo", "URL": "foo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx foo", - "URL": "foo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx foo" + "URL": "foo xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx foo", + "URL":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","foo":"bar" }`, }, }