npm - @redthreadlabs/tracelog - Versions diffs - 1.8.0 → 1.9.0 - Mend

@redthreadlabs/tracelog 1.8.0 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/lib/filters/sanitize-field-names.js +25 -14
package/lib/parsers.js +8 -11
package/package.json +1 -1

package/lib/filters/sanitize-field-names.js CHANGED Viewed

@@ -47,44 +47,55 @@ function redactKeysFromPostedFormVariables(body, requestHeaders, regexes) {
 }
 /**
- * Redact sensitive fields from a captured request body of any supported
- * content type:
+ * Redact sensitive fields from a captured request body, returning a
+ * structured value wherever the body is structured (since 1.9.0):
  *
- * - `application/x-www-form-urlencoded` — top-level form fields (the
- *   historical Elastic APM behavior).
  * - JSON content types (`application/json`, `application/*+json`, with or
  *   without a charset suffix) — **deep** redaction: any key at any depth
  *   matching the sanitizeFieldNames patterns is replaced, recursing through
- *   nested objects and arrays. Stringified JSON bodies are parsed, redacted,
- *   and re-stringified; strings that fail to parse are returned untouched.
+ *   nested objects and arrays. The result is an **embedded object/array**,
+ *   whether the body arrived parsed or as a JSON string. Strings that fail
+ *   to parse are returned untouched as strings.
+ * - `application/x-www-form-urlencoded` — also returned as an embedded,
+ *   deep-redacted object (extended parsers can nest); historically this
+ *   re-serialized to a query string.
  * - anything else — returned as-is.
  *
  * @param {Object | String} body
  * @param {Object} requestHeaders
  * @param {Array<RegExp>} regexes
- * @returns {Object | String} a copy of the body with redacted fields
+ * @returns {Object | Array | String} redacted body, structured when possible
  */
 function redactKeysFromBody(body, requestHeaders, regexes) {
+  // Operate even without patterns: redactDeep also normalizes circulars and
+  // pathological nesting, which must never reach the serializer.
+  const res = Array.isArray(regexes) ? regexes : [];
   const contentType = String(requestHeaders['content-type'] || '');
-  if (!isJsonContentType(contentType)) {
-    return redactKeysFromPostedFormVariables(body, requestHeaders, regexes);
+  const mime = contentType.split(';')[0].trim().toLowerCase();
+  // A body some middleware already parsed is structured data no matter what
+  // the content-type header claims — deep-redact and embed it.
+  if (body !== null && !Buffer.isBuffer(body) && typeof body === 'object') {
+    return redactDeep(body, res, 0, new WeakSet());
   }
-  if (!Array.isArray(regexes)) {
+  if (typeof body !== 'string') {
     return body;
   }
-  if (body !== null && !Buffer.isBuffer(body) && typeof body === 'object') {
-    return redactDeep(body, regexes, 0, new WeakSet());
+  if (mime === HEADER_FORM_URLENCODED) {
+    // querystring.parse returns a null-prototype object; copy to a plain one
+    return redactDeep({ ...querystring.parse(body) }, res, 0, new WeakSet());
   }
-  if (typeof body === 'string') {
+  if (isJsonContentType(contentType)) {
     let parsed;
     try {
       parsed = JSON.parse(body);
     } catch (_err) {
       return body; // claimed JSON but isn't; leave it alone
     }
-    return JSON.stringify(redactDeep(parsed, regexes, 0, new WeakSet()));
+    return redactDeep(parsed, res, 0, new WeakSet());
   }
   return body;

package/lib/parsers.js CHANGED Viewed

@@ -12,7 +12,6 @@ const basicAuth = require('basic-auth');
 const getUrlFromRequest = require('original-url');
 const parseHttpHeadersFromReqOrRes = require('http-headers');
 const cookie = require('cookie');
-const stringify = require('fast-safe-stringify');
 const REDACTED = require('./constants').REDACTED;
 const {
@@ -97,23 +96,26 @@ function getContextFromRequest(req, conf, type) {
   var haveBody = body && (chunked || contentLength > 0);
   if (haveBody) {
+    const bodyContentType = String(req.headers['content-type'] || '');
     if (!captureBody) {
       context.body = '[REDACTED]';
+    } else if (bodyContentType.split(';')[0].trim().toLowerCase().startsWith('multipart/')) {
+      // File uploads: never record the raw multipart body — it can embed
+      // entire file contents and no per-field redaction applies to it.
+      context.body = '[REDACTED: multipart body]';
     } else if (Buffer.isBuffer(body)) {
       context.body = '<Buffer>';
     } else {
       if (typeof body === 'string' && req.bodyIsBase64Encoded === true) {
         body = Buffer.from(body, 'base64').toString('utf8');
       }
-      body = redactKeysFromBody(
+      // Structured bodies (JSON, form-encoded) come back as deep-redacted
+      // objects and are recorded embedded, not stringified (since 1.9.0).
+      context.body = redactKeysFromBody(
         body,
         req.headers,
         conf.sanitizeFieldNamesRegExp,
       );
-      if (typeof body !== 'string') {
-        body = tryJsonStringify(body) || stringify(body);
-      }
-      context.body = body;
     }
   }
@@ -211,11 +213,6 @@ function parseUrl(urlStr) {
   return new url.URL(urlStr, 'relative:///');
 }
-function tryJsonStringify(obj) {
-  try {
-    return JSON.stringify(obj);
-  } catch (e) {}
-}
 module.exports = {
   getContextFromRequest,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@redthreadlabs/tracelog",
-  "version": "1.8.0",
+  "version": "1.9.0",
   "description": "Node.js APM instrumentation that writes traces to JSONL files",
   "publishConfig": {
     "access": "public"