[Catalyst] Re: Supressing passwords in debug messages

[Brian Phillips]

Hello all,
Some time ago, I submitted a preliminary patch to support filtering of
certain query/body parameters so that sensitive data isn't logged in the
debug logs.  t0m++ gave me some feedback off-list and created a branch in
SVN for me to commit on.  I developed the patch into something more
feature-worthy, committed it and promptly forgot to do anything more with it
:-)

So, consider this an official RFC on the requested param filtering
functionality.  You can checkout the branch in svn (which was just updated
with a merge from trunk by t0m) here:
http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Runtime/5.80/branches/=
param_filtering


Or, if you prefer to just take a peek in svnweb, here's the link:
http://dev.catalystframework.org/svnweb/Catalyst/log/Catalyst-Runtime/5.80/=
branches/param_filtering/
(the
most recent commit listed being the trunk merge), the interesting parts
being the 2nd and 3rd commits from the bottom
(10942<http://dev.catalystframework.org/svnweb/Catalyst/revision/?rev=3D109=
42>and
10943 <http://dev.catalystframework.org/svnweb/Catalyst/revision/?rev=3D109=
43>)
on that page.

Or, if that's even too much work, the basic functionality I implemented
follows (full disclosure: I modeled this after Rails param filtering
functionality):

   - Param filtering (body, query or both):
      - filtering by (Iiteral) parameter name
      - filtering by regular expressions matched against the parameter name
      - filtering by callback
   - Additional (and/or refactored) Request/Response debug logging
      - Request header logging (filterable like param filters described
      above)
      - Response header logging (again, filterable, if necessary)

Comments and suggestions welcome.

Brian Phillips
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20091130/e6c05=
f66/attachment.htm