From e8ca6376be7b64019dee71978e755cd5cdd5f74c Mon Sep 17 00:00:00 2001
From: KernelDeimos
Date: Wed, 17 Apr 2024 12:51:30 -0400
Subject: [PATCH] Avoid logging sensitive query params

---
 .../backend/src/services/WebServerService.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/packages/backend/src/services/WebServerService.js b/packages/backend/src/services/WebServerService.js
index f8bf58b6a..04d8df31d 100644
--- a/packages/backend/src/services/WebServerService.js
+++ b/packages/backend/src/services/WebServerService.js
@@ -208,6 +208,24 @@ class WebServerService extends BaseService {
 responseTime: parseFloat(responseTime),
 };
 if ( url.includes('android-icon') ) return;
+
+ // remove `puter.auth.*` query params
+ const safe_url = (u => {
+ // We need to prepend an arbitrary domain to the URL
+ const url = new URL('https://example.com' + u);
+ const search = url.searchParams;
+ for ( const key of search.keys() ) {
+ if ( key.startsWith('puter.auth.') ) search.delete(key);
+ }
+ return url.pathname + '?' + search.toString();
+ })(fields.url);
+ fields.url = safe_url;
+ // re-write message
+ message = [
+ fields.method, fields.url,
+ fields.status, fields.responseTime,
+ ].join(' ');
+
 const log = this.services.get('log-service').create('morgan');
 log.info(message, fields);
 }
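Review bot: The scrub loop deletes from `search` while iterating `search.keys()`, and URLSearchParams iterators are live, so removing an entry makes the iterator skip the one that follows; with two adjacent `puter.auth.*` parameters the second stays in `fields.url` and is still written to the log. Iterating over a snapshot closes that gap: `for ( const key of [...search.keys()] ) {`. Separately, `new URL('https://example.com' + u)` throws a TypeError when the prefixed request target is not a valid URL (an asterisk-form target such as `OPTIONS *` looks like one such case), so a try/catch around the IIFE that falls back to logging only the path would keep a malformed request from breaking the log handler. The enclosing method begins above the hunk, so how `url`, `message` and `fields` are built is not visible here.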