feat(logs): webhook sanitization (#809)

* feat: sanitize passwords from json payload * add webhook sanitization * update comments Co-authored-by: soup <soup@r4tio.dev> * sanitize RED apikeys from webhook payloads * added an optional whitespace token between field name and data --------- Co-authored-by: soup <soup@r4tio.dev>
2025-07-23 00:39:13 +00:00 · 2023-04-10 14:32:19 +02:00 · 2023-04-10 14:32:19 +02:00 · 169863dded
commit 169863dded
parent 69f6acbc4d
2 changed files with 18 additions and 2 deletions
--- a/internal/http/logs.go
+++ b/internal/http/logs.go
@ -94,6 +94,10 @@ var (
 		pattern *regexp.Regexp
 		repl    string
 	}{
+		{
+			pattern: regexp.MustCompile(`("apikey\\":\s?\\"|"host\\":\s?\\"|"password\\":\s?\\"|"user\\":\s?\\"|ExternalWebhookHost:)(\S+)(\\"|\sExternalWebhookData:)`),
+			repl:    "${1}REDACTED${3}",
+		},
 		{
 			pattern: regexp.MustCompile(`(torrent_pass|passkey|authkey|auth|secret_key|api|apikey)=([a-zA-Z0-9]+)`),
 			repl:    "${1}=REDACTED",
@ -166,9 +170,9 @@ func SanitizeLogFile(filePath string, output io.Writer) error {
 			strings.Contains(line, `"module":"action"`)

 		for i := 0; i < len(regexReplacements); i++ {
-			// Apply the first two patterns only if the line contains "module":"feed",
+			// Apply the first three patterns only if the line contains "module":"feed",
 			// "module":"filter", "repo":"release", or "module":"action"
-			if i < 2 {
+			if i < 3 {
 				if bFilter {
 					line = regexReplacements[i].pattern.ReplaceAllString(line, regexReplacements[i].repl)
 				}