Nautilus/ledgerdock
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Redact quoted JSON secret tokens in processing logs

Browse Source
This commit is contained in:
Beda Schmid
2026-02-21 13:57:23 -03:00
parent 3cbad053cc
commit 74a6551237
2 changed files with 71 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/app/models/processing_log.py
View File

@@ -28,6 +28,9 @@ SENSITIVE_KEY_MARKERS = (
"cookie",
)
SENSITIVE_TEXT_PATTERNS = (
re.compile(r"(?i)[\"']authorization[\"']\s*:\s*[\"']bearer\s+[^\"']+[\"']"),
re.compile(r"(?i)[\"']bearer[\"']\s*:\s*[\"'][^\"']+[\"']"),
re.compile(r"(?i)[\"'](?:api[_-]?key|token|secret|password)[\"']\s*:\s*[\"'][^\"']+[\"']"),
re.compile(r"(?i)\bauthorization\b\s*[:=]\s*bearer\s+[a-z0-9._~+/\-]+=*"),
re.compile(r"(?i)\bbearer\s+[a-z0-9._~+/\-]+=*"),
re.compile(r"\b[a-z0-9_-]{8,}\.[a-z0-9_-]{8,}\.[a-z0-9_-]{8,}\b", flags=re.IGNORECASE),