Updating trunk VERSION from 2139.0 to 2140.0
[chromium-blink-merge.git] / net / http / http_log_util.cc
blob4d0e6e98ce81d1e44c73727a4094e5c5a8784943
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_log_util.h"
7 #include "base/strings/string_util.h"
8 #include "base/strings/stringprintf.h"
9 #include "net/http/http_auth_challenge_tokenizer.h"
10 #include "net/http/http_util.h"
12 namespace net {
14 namespace {
16 bool ShouldRedactChallenge(HttpAuthChallengeTokenizer* challenge) {
17 // Ignore lines with commas, as they may contain lists of schemes, and
18 // the information we want to hide is Base64 encoded, so has no commas.
19 if (challenge->challenge_text().find(',') != std::string::npos)
20 return false;
22 std::string scheme = base::StringToLowerASCII(challenge->scheme());
23 // Invalid input.
24 if (scheme.empty())
25 return false;
27 // Ignore Basic and Digest authentication challenges, as they contain
28 // public information.
29 if (scheme == "basic" || scheme == "digest")
30 return false;
32 return true;
35 } // namespace
37 #if defined(SPDY_PROXY_AUTH_ORIGIN)
38 void ElideChromeProxyDirective(const std::string& header_value,
39 const std::string& directive,
40 std::string::const_iterator* redact_begin,
41 std::string::const_iterator* redact_end) {
42 HttpUtil::ValuesIterator it(header_value.begin(), header_value.end(), ',');
43 while (it.GetNext()) {
44 if (LowerCaseEqualsASCII(it.value_begin(),
45 it.value_begin() + directive.size(),
46 directive.c_str())) {
47 *redact_begin = it.value_begin();
48 *redact_end = it.value_end();
49 return;
53 #endif
55 std::string ElideHeaderValueForNetLog(NetLog::LogLevel log_level,
56 const std::string& header,
57 const std::string& value) {
58 std::string::const_iterator redact_begin = value.begin();
59 std::string::const_iterator redact_end = value.begin();
60 #if defined(SPDY_PROXY_AUTH_ORIGIN)
61 if (!base::strcasecmp(header.c_str(), "chrome-proxy")) {
62 ElideChromeProxyDirective(value, "sid=", &redact_begin, &redact_end);
64 #endif
66 if (redact_begin == redact_end &&
67 log_level >= NetLog::LOG_STRIP_PRIVATE_DATA) {
69 // Note: this logic should be kept in sync with stripCookiesAndLoginInfo in
70 // chrome/browser/resources/net_internals/log_view_painter.js.
72 if (!base::strcasecmp(header.c_str(), "set-cookie") ||
73 !base::strcasecmp(header.c_str(), "set-cookie2") ||
74 !base::strcasecmp(header.c_str(), "cookie") ||
75 !base::strcasecmp(header.c_str(), "authorization") ||
76 !base::strcasecmp(header.c_str(), "proxy-authorization")) {
77 redact_begin = value.begin();
78 redact_end = value.end();
79 } else if (!base::strcasecmp(header.c_str(), "www-authenticate") ||
80 !base::strcasecmp(header.c_str(), "proxy-authenticate")) {
81 // Look for authentication information from data received from the server
82 // in multi-round Negotiate authentication.
83 HttpAuthChallengeTokenizer challenge(value.begin(), value.end());
84 if (ShouldRedactChallenge(&challenge)) {
85 redact_begin = challenge.params_begin();
86 redact_end = challenge.params_end();
91 if (redact_begin == redact_end)
92 return value;
94 return std::string(value.begin(), redact_begin) +
95 base::StringPrintf("[%ld bytes were stripped]",
96 static_cast<long>(redact_end - redact_begin)) +
97 std::string(redact_end, value.end());
100 } // namespace net