summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorByron Jones <glob@mozilla.com>2014-07-10 08:51:19 +0200
committerByron Jones <glob@mozilla.com>2014-07-10 08:51:19 +0200
commit9b47eb69b5cbe3ac621c91ccaf226cef8efed625 (patch)
tree5d20af96ce09a76f45f852915a514d904c4e37e6 /Bugzilla
parent0c7c657e2328a6da6db05f536acde166b7029658 (diff)
downloadbugzilla-9b47eb69b5cbe3ac621c91ccaf226cef8efed625.tar.gz
bugzilla-9b47eb69b5cbe3ac621c91ccaf226cef8efed625.tar.xz
Bug 1027114: When sending error to Sentry for webservice failures, we need to first scrub the username/login/password from the query string
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Sentry.pm5
1 files changed, 5 insertions, 0 deletions
diff --git a/Bugzilla/Sentry.pm b/Bugzilla/Sentry.pm
index 333cff9c3..ce45d4823 100644
--- a/Bugzilla/Sentry.pm
+++ b/Bugzilla/Sentry.pm
@@ -201,6 +201,11 @@ sub sentry_handle_error {
my $uri = URI->new(Bugzilla->cgi->self_url);
$uri->query(undef);
+ foreach my $field (qw( QUERY_STRING REQUEST_URI HTTP_REFERER )) {
+ $ENV{$field} =~ s/\b((?:Bugzilla_password|password)=)[^ &]+/$1*/gi
+ if exists $ENV{$field};
+ }
+
my $data = {
event_id => $id,
message => $message,