Revert "Reland c91b178b07b0d - Delete dead signin code (SigninGlobalError)"
[chromium-blink-merge.git] / net / http / http_log_util.cc
blob87c2fd99f191cf2c11443611bd6db6d90000686b
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/http/http_log_util.h"
7 #include "base/strings/string_util.h"
8 #include "base/strings/stringprintf.h"
9 #include "net/http/http_auth_challenge_tokenizer.h"
10 #include "net/http/http_util.h"
12 namespace net {
14 namespace {
16 bool ShouldRedactChallenge(HttpAuthChallengeTokenizer* challenge) {
17 // Ignore lines with commas, as they may contain lists of schemes, and
18 // the information we want to hide is Base64 encoded, so has no commas.
19 if (challenge->challenge_text().find(',') != std::string::npos)
20 return false;
22 std::string scheme = base::ToLowerASCII(challenge->scheme());
23 // Invalid input.
24 if (scheme.empty())
25 return false;
27 // Ignore Basic and Digest authentication challenges, as they contain
28 // public information.
29 if (scheme == "basic" || scheme == "digest")
30 return false;
32 return true;
35 } // namespace
37 std::string ElideHeaderValueForNetLog(NetLogCaptureMode capture_mode,
38 const std::string& header,
39 const std::string& value) {
40 std::string::const_iterator redact_begin = value.begin();
41 std::string::const_iterator redact_end = value.begin();
43 if (redact_begin == redact_end &&
44 !capture_mode.include_cookies_and_credentials()) {
45 // Note: this logic should be kept in sync with stripCookiesAndLoginInfo in
46 // chrome/browser/resources/net_internals/log_view_painter.js.
48 if (base::EqualsCaseInsensitiveASCII(header, "set-cookie") ||
49 base::EqualsCaseInsensitiveASCII(header, "set-cookie2") ||
50 base::EqualsCaseInsensitiveASCII(header, "cookie") ||
51 base::EqualsCaseInsensitiveASCII(header, "authorization") ||
52 base::EqualsCaseInsensitiveASCII(header, "proxy-authorization")) {
53 redact_begin = value.begin();
54 redact_end = value.end();
55 } else if (base::EqualsCaseInsensitiveASCII(header, "www-authenticate") ||
56 base::EqualsCaseInsensitiveASCII(header, "proxy-authenticate")) {
57 // Look for authentication information from data received from the server
58 // in multi-round Negotiate authentication.
59 HttpAuthChallengeTokenizer challenge(value.begin(), value.end());
60 if (ShouldRedactChallenge(&challenge)) {
61 redact_begin = challenge.params_begin();
62 redact_end = challenge.params_end();
67 if (redact_begin == redact_end)
68 return value;
70 return std::string(value.begin(), redact_begin) +
71 base::StringPrintf("[%ld bytes were stripped]",
72 static_cast<long>(redact_end - redact_begin)) +
73 std::string(redact_end, value.end());
76 } // namespace net