Add HTTP basic auth headers to default filters

Technically only 'authorization' is used as a header, but PHP will parse the username & password (or digest) — these aren't counted as headers by PHP, but Symfony treats them as headers. Since a lot of other projects use Symfony's HTTP foundation (e.g. Laravel), it makes sense to add them as default filters too
bugsnag · Sep 9, 2020 · 856f15c · 856f15c
1 parent d33e643
commit 856f15c
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 5 deletions.
diff --git a/src/Configuration.php b/src/Configuration.php
@@ -45,7 +45,14 @@ class Configuration
      *
      * @var string[]
      */
-    protected $filters = ['password', 'cookie'];
+    protected $filters = [
+        'password',
+        'cookie',
+        'authorization',
+        'php-auth-user',
+        'php-auth-pw',
+        'php-auth-digest',
+    ];
 
     /**
      * The project root regex.

diff --git a/tests/ClientTest.php b/tests/ClientTest.php
@@ -372,6 +372,7 @@ public function testItAddsADefaultSetOfMiddlewares()
         $_SERVER['HTTP_COOKIE'] = 'tastes=delicious';
         $_SERVER['HTTP_X_FORWARDED_FOR'] = '8.76.54.321';
         $_SERVER['REQUEST_URI'] = '/abc/xyz?abc=1&xyz=2';
+        $_SERVER['HTTP_AUTHORIZATION'] = 'Basic YTpi';
         $_GET['abc'] = '1';
         $_GET['xyz'] = '2';
         $_COOKIE['tastes'] = 'delicious';
@@ -408,6 +409,7 @@ function (Report $report) use (&$pipelineCompleted) {
                             'Host' => 'example.com',
                             'Cookie' => 'tastes=delicious',
                             'X-Forwarded-For' => '8.76.54.321',
+                            'Authorization' => 'Basic YTpi',
                         ],
                     ],
                     'session' => [
@@ -426,6 +428,7 @@ function (Report $report) use (&$pipelineCompleted) {
                         'Host' => 'example.com',
                         'Cookie' => '[FILTERED]',
                         'X-Forwarded-For' => '8.76.54.321',
+                        'Authorization' => '[FILTERED]',
                     ],
                     $payload['metaData']['request']['headers']
                 );

diff --git a/tests/ReportTest.php b/tests/ReportTest.php
@@ -102,12 +102,27 @@ public function testUser()
 
     public function testDefaultFilters()
     {
-        $this->report->setMetaData([
-            'Testing' => ['password' => '123456', 'Cookie' => 'abc=xyz'],
-        ]);
+        $metadata = array_reduce(
+            $this->config->getFilters(),
+            function ($metadata, $filter) {
+                $metadata[$filter] = "abc {$filter} xyz";
+
+                return $metadata;
+            },
+            []
+        );
+
+        $this->report->setMetaData(['Testing' => $metadata]);
 
         $this->assertSame(
-            ['password' => '[FILTERED]', 'Cookie' => '[FILTERED]'],
+            [
+                'password' => '[FILTERED]',
+                'cookie' => '[FILTERED]',
+                'authorization' => '[FILTERED]',
+                'php-auth-user' => '[FILTERED]',
+                'php-auth-pw' => '[FILTERED]',
+                'php-auth-digest' => '[FILTERED]',
+            ],
             $this->report->toArray()['metaData']['Testing']
         );
     }