diff options
author | Lukas Fleischer <lfleischer@calcurse.org> | 2018-05-23 17:58:25 +0200 |
---|---|---|
committer | Lukas Fleischer <lfleischer@calcurse.org> | 2018-05-23 17:59:50 +0200 |
commit | fda8c1a7e20414788bc738dba25904031299cb4c (patch) | |
tree | 547beee60d53e75050342f5eb6c5c6bd1d05a5c8 | |
parent | 912124bcdcd223981db535ebb784789d4bd03ede (diff) | |
download | calcurse-fda8c1a7e20414788bc738dba25904031299cb4c.tar.gz calcurse-fda8c1a7e20414788bc738dba25904031299cb4c.zip |
calcurse-caldav: remove authorization data from logs
The Authorization header contains the Base64-encoded user name and
password. Remove this information from debug logs, unless the user
explicitly requests to keep them by using the --debug-raw flag.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
-rwxr-xr-x | contrib/caldav/calcurse-caldav.py | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/contrib/caldav/calcurse-caldav.py b/contrib/caldav/calcurse-caldav.py index 997a5f6..33971e0 100755 --- a/contrib/caldav/calcurse-caldav.py +++ b/contrib/caldav/calcurse-caldav.py @@ -189,7 +189,10 @@ def remote_query(conn, cmd, path, additional_headers, body): if debug: print("> {} {}".format(cmd, path)) - print("> Headers: " + repr(headers)) + headers_sanitized = headers + if not debug_raw: + headers_sanitized.pop('Authorization', None) + print("> Headers: " + repr(headers_sanitized)) if body: for line in body.splitlines(): print("> " + line) @@ -504,6 +507,8 @@ parser.add_argument('-v', '--verbose', action='store_true', dest='verbose', help='print status messages to stdout') parser.add_argument('--debug', action='store_true', dest='debug', default=False, help='print debug messages to stdout') +parser.add_argument('--debug-raw', action='store_true', dest='debug_raw', + default=False, help='do not sanitize debug messages') args = parser.parse_args() init = args.init is not None @@ -514,6 +519,7 @@ hookdir = args.hookdir authcode = args.authcode verbose = args.verbose debug = args.debug +debug_raw = args.debug_raw # Read environment variables password = os.getenv('CALCURSE_CALDAV_PASSWORD') |