Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix parse_url #2161

Merged
merged 7 commits into from Jun 7, 2023
Merged

Fix parse_url #2161

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
912809c
fix
sentrivana Jun 7, 2023
a873c38
type fixes, test
sentrivana Jun 7, 2023
7d28a93
Added username/pwd to url in test
antonpirker Jun 7, 2023
11fe524
Fixed typing
antonpirker Jun 7, 2023
5f34901
Ignore mypy
antonpirker Jun 7, 2023
3a39059
sort query
sentrivana Jun 7, 2023
207ec9d
fix
sentrivana Jun 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
40 changes: 23 additions & 17 deletions sentry_sdk/utils.py
View file
Open in desktop
Expand Up @@ -1353,8 +1353,8 @@ def from_base64(base64_string):
Components = namedtuple("Components", ["scheme", "netloc", "path", "query", "fragment"])


def sanitize_url(url, remove_authority=True, remove_query_values=True):
# type: (str, bool, bool) -> str
def sanitize_url(url, remove_authority=True, remove_query_values=True, split=False):
# type: (str, bool, bool, bool) -> Union[str, Components]
"""
Removes the authority and query parameter values from a given URL.
"""
Expand Down Expand Up @@ -1383,17 +1383,18 @@ def sanitize_url(url, remove_authority=True, remove_query_values=True):
else:
query_string = parsed_url.query

safe_url = urlunsplit(
Components(
scheme=parsed_url.scheme,
netloc=netloc,
query=query_string,
path=parsed_url.path,
fragment=parsed_url.fragment,
)
components = Components(
scheme=parsed_url.scheme,
netloc=netloc,
query=query_string,
path=parsed_url.path,
fragment=parsed_url.fragment,
)

return safe_url
if split:
return components
else:
return urlunsplit(components)


ParsedUrl = namedtuple("ParsedUrl", ["url", "query", "fragment"])
Expand All @@ -1406,20 +1407,25 @@ def parse_url(url, sanitize=True):
parameters will be sanitized to remove sensitive data. The autority (username and password)
in the URL will always be removed.
"""
url = sanitize_url(url, remove_authority=True, remove_query_values=sanitize)
parsed_url = sanitize_url(
url, remove_authority=True, remove_query_values=sanitize, split=True
)

parsed_url = urlsplit(url)
base_url = urlunsplit(
Components(
scheme=parsed_url.scheme,
netloc=parsed_url.netloc,
scheme=parsed_url.scheme, # type: ignore
netloc=parsed_url.netloc, # type: ignore
query="",
path=parsed_url.path,
path=parsed_url.path, # type: ignore
fragment="",
)
)

return ParsedUrl(url=base_url, query=parsed_url.query, fragment=parsed_url.fragment)
return ParsedUrl(
url=base_url,
query=parsed_url.query, # type: ignore
fragment=parsed_url.fragment, # type: ignore
)


def is_valid_sample_rate(rate, source):
Expand Down
18 changes: 18 additions & 0 deletions tests/test_utils.py
View file
Open in desktop
Expand Up @@ -69,6 +69,24 @@ def test_sanitize_url(url, expected_result):
assert parts == expected_parts


def test_sanitize_url_and_split():
parts = sanitize_url(
"https://username:password@example.com?token=abc&sessionid=123&save=true",
split=True,
)

expected_query = sorted(
"token=[Filtered]&sessionid=[Filtered]&save=[Filtered]".split("&")
)
query = sorted(parts.query.split("&"))

assert parts.scheme == "https"
assert parts.netloc == "[Filtered]:[Filtered]@example.com"
assert query == expected_query
assert parts.path == ""
assert parts.fragment == ""


@pytest.mark.parametrize(
("url", "sanitize", "expected_url", "expected_query", "expected_fragment"),
[
Expand Down