Hide access tokens from logs

Johannes Zellner
2019-11-22 11:40:36 +01:00
parent ab5e4e998c
commit 134f8a28bf


@@ -49,7 +49,16 @@ function initializeExpressSync() {
app.enable('trust proxy');
if (process.env.BOX_ENV !== 'test') {
app.use(middleware.morgan('Box :method :url :status :response-time ms - :res[content-length]', {
app.use(middleware.morgan(function (tokens, req, res) {
return [
'Box',
tokens.method(req, res),
tokens.url(req, res).replace(/(access_token=)[^\&]+/, '$1' + '<redacted>'),
tokens.status(req, res),
tokens['response-time'](req, res), 'ms', '-',
tokens.res(req, res, 'content-length')
].join(' ');
}, {
immediate: false,
// only log failed requests by default
skip: function (req, res) { return res.statusCode < 400; }