From a2b075c0d7e7c0a31527c5bbd69cfa7c3efba13b Mon Sep 17 00:00:00 2001 From: Martin Gross Date: Wed, 20 Feb 2019 13:37:44 +0100 Subject: [PATCH] Filter sensitive keys from log-messages (#1186) --- src/pretix/base/models/base.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/pretix/base/models/base.py b/src/pretix/base/models/base.py index 687905d0ae..4972f266b5 100644 --- a/src/pretix/base/models/base.py +++ b/src/pretix/base/models/base.py @@ -77,6 +77,13 @@ class LoggingMixin: logentry = LogEntry(content_object=self, user=user, action_type=action, event=event, **kwargs) if isinstance(data, dict): + sensitivekeys = ['password', 'secret', 'api_key'] + + for sensitivekey in sensitivekeys: + for k, v in data.items(): + if (sensitivekey in k) and v: + data[k] = "********" + logentry.data = json.dumps(data, cls=CustomJSONEncoder) elif data: raise TypeError("You should only supply dictionaries as log data.")