(reqType string, path string, body string)
| 322 | } |
| 323 | |
| 324 | func checkRequestBody(reqType string, path string, body string) string { |
| 325 | switch reqType { |
| 326 | case Grpc: |
| 327 | if skipReqBodyGrpc[path] { |
| 328 | regex, err := regexp.Compile( |
| 329 | `password[\s]?(.*?)[\s]?:[\s]?(.*?)[\s]?"[\s]?(.*?)[\s]?"`) |
| 330 | if err != nil { |
| 331 | return body |
| 332 | } |
| 333 | body = regex.ReplaceAllString(body, "*******") |
| 334 | } |
| 335 | case Http: |
| 336 | if path == "/admin" { |
| 337 | return maskPasswordFieldsInGQL(body) |
| 338 | } else if path == "/grapqhl" { |
| 339 | regex, err := regexp.Compile( |
| 340 | `check[\s]?(.*?)[\s]?Password[\s]?(.*?)[\s]?:[\s]?(.*?)[\s]?"[\s]?(.*?)[\s]?"`) |
| 341 | if err != nil { |
| 342 | return body |
| 343 | } |
| 344 | body = regex.ReplaceAllString(body, "*******") |
| 345 | } |
| 346 | } |
| 347 | return body |
| 348 | } |
| 349 | |
| 350 | func getRequestBody(r *http.Request) []byte { |
| 351 | var in io.Reader = r.Body |
no test coverage detected