7 May 18:13
Re: Header sanitization
From: Ivan Ristic <ivan.ristic <at> gmail.com>
Subject: Re: Header sanitization
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-05-07 16:13:45 GMT
On Wed, May 7, 2008 at 4:05 PM, Nick Gearls <nickgearls <at> gmail.com> wrote:
> I found a possible solution.
> If we write a filter to strip the password, then we could
> 1. map the "base64(user:pwd)"
> 2. decode64 it, strip pwd, and map it again
> 3. print TX.1 in log
>
> Questions:
>
> 1. Any generic function to strip things after the colon ?
> If not, we could write a generic sub plug-in.

You mean sanitise just part of the header? We don't have such a
feature at the moment but we have scheduled RESPONSE_BODY sanitation
for 2.6 and there we will have to support partial field sanitation.
Perhaps we'd be able to extend it to cover other fields.

> 2. This works on rules checking the Authorization header.
> Any way to add this for all log entries ?

I am not following, can you please elaborate?

> Thanks,
>
> Nick
>
> Nick Gearls wrote:
> > Hello,
> >
> > For obvious privacy reasons, it is advisable to sanitize the header
> > "Authorization" in the log.
> > However, it may be handy to have the userid part of it in case of an
> > error trap.
> > Any possibility ?
> >
> > Thanks,
> >
> > Nick

--
Ivan Ristic
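The partial sanitization discussed in this thread (decode the Basic credentials, drop everything after the first colon, log only the userid), as an added example that is not part of the original messages and is not ModSecurity code. The names `sanitize_authorization`, `make_basic` and `MASK` are hypothetical, and the sample header values are constructed.

```python
import base64
import binascii

MASK = "****"


def make_basic(userpass: bytes) -> str:
    """Build a constructed Basic header value for the samples below."""
    return "Basic " + base64.b64encode(userpass).decode("ascii")


def sanitize_authorization(value: str) -> str:
    """Return a log-safe form of an Authorization header value.

    Basic credentials keep the userid and lose the password; any other
    scheme, and anything that fails to parse, is masked completely.
    """
    scheme, _, credentials = value.strip().partition(" ")
    credentials = credentials.strip()
    # Echo the scheme only if it looks like a plain token; a lone value
    # with no scheme could itself be the secret.
    if not credentials or not scheme.replace("-", "").isalnum():
        return MASK
    if scheme.lower() != "basic":
        return f"{scheme} {MASK}"
    try:
        decoded = base64.b64decode(credentials, validate=True)
    except (binascii.Error, ValueError):
        return f"{scheme} {MASK}"
    # Split on the first colon only: the password may contain colons.
    user, sep, _password = decoded.partition(b":")
    if not sep or not user:
        return f"{scheme} {MASK}"
    text = user.decode("utf-8", errors="replace")
    # Replace control characters so a crafted userid cannot forge log lines.
    safe_user = "".join(c if c.isprintable() else "?" for c in text)
    return f"{scheme} {safe_user}:{MASK}"


if __name__ == "__main__":
    samples = (make_basic(b"nick:s3cret"), make_basic(b"nick:a:b"),
               make_basic(b"nocolon"), "Basic !!!", "Bearer abc.def")
    for sample in samples:
        print(sanitize_authorization(sample))
```

Anything that is not well-formed Basic is masked in full rather than logged in part, so a parsing failure never leaks a credential.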