From e7d4b857f7006f125d591db9b1dd009c6f176090 Mon Sep 17 00:00:00 2001
From: sentriz
Date: Tue, 23 Mar 2021 21:15:56 +0000
Subject: [PATCH] sanitise password in logs
---
 server/ctrlbase/ctrl.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/server/ctrlbase/ctrl.go b/server/ctrlbase/ctrl.go
index 604ebdd..39daa24 100644
--- a/server/ctrlbase/ctrl.go
+++ b/server/ctrlbase/ctrl.go
@@ -63,7 +63,13 @@ func (c *Controller) WithLogging(next http.Handler) http.Handler {
 // other middlewares and the custom ResponseWriter has been written
 sw := &statusWriter{ResponseWriter: w}
 next.ServeHTTP(sw, r)
- log.Printf("response %s for `%s`", statusToBlock(sw.status), r.URL)
+
+ // sanitise password
+ if q := r.URL.Query(); q.Get("p") != "" {
+ q.Set("p", "REDACTED")
+ r.URL.RawQuery = q.Encode()
+ }
+ log.Printf("response %s for `%v`", statusToBlock(sw.status), r.URL)
 })
 }
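Review bot: The new `if` block writes the sanitised query back into `r.URL.RawQuery`, so it rewrites the live request instead of only the log line. Redacting a copy keeps the request intact for anything that reads it after this handler returns: `u := *r.URL`, then `u.RawQuery = q.Encode()`, and log `u.String()`. The guard `q.Get("p") != ""` inspects only the first `p` value, so a request with an empty first `p` and a second non-empty one skips the redaction; testing for the key with `if _, ok := q["p"]; ok {` covers that case. Only `p` is redacted, so any other credential-bearing query parameter the API accepts (a token or API key, say) would still be logged; that needs checking against the auth code, which is not visible here. WithLogging begins above the hunk, so the earlier part of the handler was not reviewed.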