jan/openreplay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

spot: sanitize url query params

Browse source
This commit is contained in:
nick-delirium 2024-09-20 17:42:27 +02:00
parent 0f65ff856a
commit 9a9f850697
No known key found for this signature in database
GPG key ID: 93ABD695DF5FDBA0
1 changed files with 18 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
spot/utils/networkTracking.ts
View file

@ -130,6 +130,23 @@ function obscureSensitiveData(obj: Record<string, any> | any[]) {
}
}
function tryFilterUrl(url: string) {
if (!url) return ''
try {
const urlObj = new URL(url);
if (urlObj.searchParams) {
for (const key of urlObj.searchParams.keys()) {
if (sensitiveParams.has(key.toLowerCase())) {
urlObj.searchParams.set(key, "******");
}
}
}
return urlObj.toString();
} catch (e) {
return url;
}
}
export function createSpotNetworkRequest(
trackedRequest: TrackedRequest,
trackedTab?: number,
@ -185,7 +202,7 @@ export function createSpotNetworkRequest(
time: trackedRequest.timeStamp,
statusCode: status,
error: trackedRequest.error,
url: trackedRequest.url,
url: tryFilterUrl(trackedRequest.url),
fromCache: trackedRequest.fromCache || false,
encodedBodySize: reqSize,
responseBodySize: trackedRequest.responseSize,