diff options
| author | Byron Jones <glob@mozilla.com> | 2014-07-10 08:51:19 +0200 |
|---|---|---|
| committer | Byron Jones <glob@mozilla.com> | 2014-07-10 08:51:19 +0200 |
| commit | 9b47eb69b5cbe3ac621c91ccaf226cef8efed625 (patch) | |
| tree | 5d20af96ce09a76f45f852915a514d904c4e37e6 | |
| parent | 0c7c657e2328a6da6db05f536acde166b7029658 (diff) | |
| download | bugzilla-9b47eb69b5cbe3ac621c91ccaf226cef8efed625.tar.gz bugzilla-9b47eb69b5cbe3ac621c91ccaf226cef8efed625.tar.xz | |
Bug 1027114: When sending error to Sentry for webservice failures, we need to first scrub the username/login/password from the query string
| -rw-r--r-- | Bugzilla/Sentry.pm | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/Bugzilla/Sentry.pm b/Bugzilla/Sentry.pm index 333cff9c3..ce45d4823 100644 --- a/Bugzilla/Sentry.pm +++ b/Bugzilla/Sentry.pm @@ -201,6 +201,11 @@ sub sentry_handle_error { my $uri = URI->new(Bugzilla->cgi->self_url); $uri->query(undef); + foreach my $field (qw( QUERY_STRING REQUEST_URI HTTP_REFERER )) { + $ENV{$field} =~ s/\b((?:Bugzilla_password|password)=)[^ &]+/$1*/gi + if exists $ENV{$field}; + } + my $data = { event_id => $id, message => $message, |