spacecruft
/
Farmbot-Web-App
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Downgrade exception to "return false;" in log sanitizer

pull/1280/head
Rick Carlino 2019-07-16 08:37:09 -05:00
parent e902f9bb9e
commit 90b9fbd2d3
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
frontend/devices/__tests__/actions_test.ts
View File

@ -263,8 +263,9 @@ describe("isLog()", function () {
});
it("filters sensitive logs", () => {
expect(() => actions.isLog({ message: "NERVESPSKWPASSWORD" }))
.toThrowError(/Refusing to display log/);
const log = { message: "NERVESPSKWPASSWORD" };
const result = actions.isLog(log);
expect(result).toBe(false);
});
});

11
frontend/devices/actions.ts
View File

@ -37,12 +37,13 @@ export const FEATURE_MIN_VERSIONS_URL =
// be reported to Rollbar for investigation.
const BAD_WORDS = ["WPA", "PSK", "PASSWORD", "NERVES"];
// tslint:disable-next-line:no-any
export function isLog(x: any): x is Log {
const yup = isObject(x) && isString(get(x, "message" as keyof Log));
export function isLog(x: unknown): x is Log {
const msg = get(x, "message" as keyof Log);
const yup = isObject(x) && isString(msg);
if (yup) {
if (oneOf(BAD_WORDS, x.message.toUpperCase())) {// SECURITY CRITICAL CODE.
throw new Error("Refusing to display log: " + JSON.stringify(x));
if (oneOf(BAD_WORDS, msg.toUpperCase())) { // SECURITY CRITICAL CODE.
console.error("Refusing to display log: " + JSON.stringify(x));
return false;
}
return true;
} else {