From bcfba28befef260d29328964273335519f7522f6 Mon Sep 17 00:00:00 2001 From: Justin Wind Date: Mon, 7 Feb 2022 14:36:48 -0800 Subject: [PATCH] keep response body out of logs during HEAD requests, by removing it from context --- src/service.js | 30 ++++++++++++++++++++++++------ test/src/service.js | 14 ++++++++++++++ 2 files changed, 38 insertions(+), 6 deletions(-) diff --git a/src/service.js b/src/service.js index d493f8a..17fa134 100644 --- a/src/service.js +++ b/src/service.js @@ -68,6 +68,24 @@ class Service extends Dingus { } + /** + * Wrap the Dingus head handler, to remove the response body from the context, + * lest it be logged. + * @param {http.ClientRequest} req + * @param {http.ServerResponse} res + * @param {object} ctx + */ + static setHeadHandler(req, res, ctx) { + if (req.method === 'HEAD') { + Dingus.setHeadHandler(req, res, ctx); + const origEnd = res.end.bind(res); + res.end = function (data, encoding, ...rest) { + const origResult = origEnd(data, encoding, ...rest); + delete ctx.responseBody; + return origResult; + }; + } + } /** * @param {http.ClientRequest} req @@ -97,7 +115,7 @@ class Service extends Dingus { ]; this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); - Dingus.setHeadHandler(req, res, ctx); + Service.setHeadHandler(req, res, ctx); this.setResponseType(responseTypes, req, res, ctx); @@ -116,7 +134,7 @@ class Service extends Dingus { const _scope = _fileScope('handlerGetHealthcheck'); this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); - Dingus.setHeadHandler(req, res, ctx); + Service.setHeadHandler(req, res, ctx); this.setResponseType(this.responseTypes, req, res, ctx); @@ -135,7 +153,7 @@ class Service extends Dingus { const responseTypes = [...this.responseTypes, Enum.ContentType.ImageSVG]; - Dingus.setHeadHandler(req, res, ctx); + Service.setHeadHandler(req, res, ctx); this.setResponseType(responseTypes, req, res, ctx); @@ -152,7 +170,7 @@ class Service extends Dingus { const _scope = _fileScope('handlerGetAdminOverview'); this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); - Dingus.setHeadHandler(req, res, ctx); + Service.setHeadHandler(req, res, ctx); this.setResponseType(this.responseTypes, req, res, ctx); @@ -171,7 +189,7 @@ class Service extends Dingus { const _scope = _fileScope('handlerGetAdminTopicDetails'); this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); - Dingus.setHeadHandler(req, res, ctx); + Service.setHeadHandler(req, res, ctx); this.setResponseType(this.responseTypes, req, res, ctx); @@ -264,7 +282,7 @@ class Service extends Dingus { const _scope = _fileScope('handlerGetAdminLogin'); this.logger.debug(_scope, 'called', { req: common.requestLogData(req), ctx }); - Dingus.setHeadHandler(req, res, ctx); + Service.setHeadHandler(req, res, ctx); this.setResponseType(this.responseTypes, req, res, ctx); diff --git a/test/src/service.js b/test/src/service.js index 23b50e1..cafe1d1 100644 --- a/test/src/service.js +++ b/test/src/service.js @@ -61,6 +61,20 @@ describe('Service', function () { }); }); // maybeIngestBody + describe('setHeadHandler', function () { + it('covers', function () { + const origEnd = res.end; + sinon.stub(Service.__proto__, 'setHeadHandler'); + ctx.responseBody = 'data'; + req.method = 'HEAD'; + Service.setHeadHandler(req, res, ctx); + res.end('foop'); + assert(Service.__proto__.setHeadHandler.called); + assert(origEnd.called); + assert(!('responseBody' in ctx)); + }); + }); // setHeadHandler + describe('handlerPostRoot', function () { it('covers public mode', async function () { await service.handlerPostRoot(req, res, ctx); -- 2.43.2