1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

util: adding warnings when NODE_DEBUG is set as http/http2

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/21914
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
This commit is contained in:
Anto Aravinth 2018-07-28 12:12:32 +05:30 committed by Matteo Collina
parent 933d8eb689
commit 980877ffa2
4 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/util.js
View File

@ -344,11 +344,23 @@ if (process.env.NODE_DEBUG) {
debugEnvRegex = new RegExp(`^${debugEnv}$`, 'i'); debugEnvRegex = new RegExp(`^${debugEnv}$`, 'i');
} }
// Emits warning when user sets
// NODE_DEBUG=http or NODE_DEBUG=http2.
function emitWarningIfNeeded(set) {
if ('HTTP' === set || 'HTTP2' === set) {
process.emitWarning('Setting the NODE_DEBUG environment variable ' +
'to \'' + set.toLowerCase() + '\' can expose sensitive ' +
'data (such as passwords, tokens and authentication headers) ' +
'in the resulting log.');
}
}
function debuglog(set) { function debuglog(set) {
set = set.toUpperCase(); set = set.toUpperCase();
if (!debugs[set]) { if (!debugs[set]) {
if (debugEnvRegex.test(set)) { if (debugEnvRegex.test(set)) {
const pid = process.pid; const pid = process.pid;
emitWarningIfNeeded(set);
debugs[set] = function debug() { debugs[set] = function debug() {
const msg = exports.format.apply(exports, arguments); const msg = exports.format.apply(exports, arguments);
console.error('%s %d: %s', set, pid, msg); console.error('%s %d: %s', set, pid, msg);

1
test/parallel/test-http-conn-reset.js
View File

@ -30,6 +30,7 @@ const options = {
port: undefined port: undefined
}; };
process.env.NODE_DEBUG = 'http';
// start a tcp server that closes incoming connections immediately // start a tcp server that closes incoming connections immediately
const server = net.createServer(function(client) { const server = net.createServer(function(client) {
client.destroy(); client.destroy();

14
test/parallel/test-http-debug.js Normal file
View File

@ -0,0 +1,14 @@
'use strict';
require('../common');
const assert = require('assert');
const child_process = require('child_process');
const path = require('path');
process.env.NODE_DEBUG = 'http';
const { stderr } = child_process.spawnSync(process.execPath, [
path.resolve(__dirname, 'test-http-conn-reset.js')
], { encoding: 'utf8' });
assert(stderr.match(/Setting the NODE_DEBUG environment variable to 'http' can expose sensitive data \(such as passwords, tokens and authentication headers\) in the resulting log\./),
stderr);

3
test/parallel/test-http2-debug.js
View File

@ -7,10 +7,13 @@ const child_process = require('child_process');
const path = require('path'); const path = require('path');
process.env.NODE_DEBUG_NATIVE = 'http2'; process.env.NODE_DEBUG_NATIVE = 'http2';
process.env.NODE_DEBUG = 'http2';
const { stdout, stderr } = child_process.spawnSync(process.execPath, [ const { stdout, stderr } = child_process.spawnSync(process.execPath, [
path.resolve(__dirname, 'test-http2-ping.js') path.resolve(__dirname, 'test-http2-ping.js')
], { encoding: 'utf8' }); ], { encoding: 'utf8' });
assert(stderr.match(/Setting the NODE_DEBUG environment variable to 'http2' can expose sensitive data \(such as passwords, tokens and authentication headers\) in the resulting log\./),
stderr);
assert(stderr.match(/Http2Session client \(\d+\) handling data frame for stream \d+/), assert(stderr.match(/Http2Session client \(\d+\) handling data frame for stream \d+/),
stderr); stderr);
assert(stderr.match(/HttpStream \d+ \(\d+\) \[Http2Session client \(\d+\)\] reading starting/), assert(stderr.match(/HttpStream \d+ \(\d+\) \[Http2Session client \(\d+\)\] reading starting/),