Elide proxy authentication headers

The change prevent the data reduction proxy's authentication headers from being exposed in net logs and dev tools. BUG=179382 Review URL: https://codereview.chromium.org/149703005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@248566 0039d316-1c4b-4281-b951-d872f2087c98

Elide proxy authentication headers
The change prevent the data reduction proxy's authentication headers from being exposed in net logs and dev tools. BUG=179382 Review URL: https://codereview.chromium.org/149703005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@248566 0039d316-1c4b-4281-b951-d872f2087c98
5000c113 · bengr@chromium.org · 6ab35fce · 5000c113 · 5000c113
Commit 5000c113 authored Feb 03, 2014 by bengr@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 7 deletions

net/http/http_request_headers.cc net/http/http_request_headers.cc +17 -4

net/http/http_response_headers.cc net/http/http_response_headers.cc +13 -3

No files found.
--- a/net/http/http_request_headers.cc
+++ b/net/http/http_request_headers.cc
@@ -11,6 +11,18 @@
 #include "base/values.h"
 #include "net/http/http_util.h"
+namespace {
+bool ShouldShowHttpHeaderValue(const std::string& header_name) {
+#if defined(SPDY_PROXY_AUTH_ORIGIN)
+  if (header_name == "Proxy-Authorization")
+    return false;
+#endif
+  return true;
+}
+}  // namespace
 namespace net {
 const char HttpRequestHeaders::kGetMethod[] = "GET";
@@ -191,10 +203,11 @@ base::Value* HttpRequestHeaders::NetLogCallback(
  base::ListValue* headers = new base::ListValue();
  for (HeaderVector::const_iterator it = headers_.begin();
       it != headers_.end(); ++it) {
-    headers->Append(
+    headers->Append(new base::StringValue(
-        new base::StringValue(base::StringPrintf("%s: %s",
+        base::StringPrintf("%s: %s",
-                                                 it->key.c_str(),
+                           it->key.c_str(),
-                                                 it->value.c_str())));
+                           (ShouldShowHttpHeaderValue(it->key) ?
+                               it->value.c_str() : "[elided]"))));
  }
  dict->Set("headers", headers);
  return dict;

--- a/net/http/http_response_headers.cc
+++ b/net/http/http_response_headers.cc
@@ -113,6 +113,14 @@ void CheckDoesNotHaveEmbededNulls(const std::string& str) {
  CHECK(str.find('\0') == std::string::npos);
 }
+bool ShouldShowHttpHeaderValue(const std::string& header_name) {
+#if defined(SPDY_PROXY_AUTH_ORIGIN)
+  if (header_name == "Proxy-Authenticate")
+    return false;
+#endif
+  return true;
+}
 }  // namespace
 const char HttpResponseHeaders::kContentRange[] = "Content-Range";
@@ -1311,9 +1319,11 @@ base::Value* HttpResponseHeaders::NetLogCallback(
  std::string value;
  while (EnumerateHeaderLines(&iterator, &name, &value)) {
    headers->Append(
-      new base::StringValue(base::StringPrintf("%s: %s",
+      new base::StringValue(
-                                               name.c_str(),
+          base::StringPrintf("%s: %s",
-                                               value.c_str())));
+                             name.c_str(),
+                             (ShouldShowHttpHeaderValue(name) ?
+                                 value.c_str() : "[elided]"))));
  }
  dict->Set("headers", headers);
  return dict;