Do not log sensible body data

dinamiko 2021-09-14 12:46:41 +02:00
parent 24859e6bc9
commit 9f348ed411
2 changed files with 19 additions and 6 deletions


@ -41,7 +41,7 @@ trait RequestTrait {
$response = wp_remote_get( $url, $args );
if ( $this->logger instanceof WooCommerceLogger ) {
$this->logger->logRequestResponse( $url, $args, $response );
$this->logger->logRequestResponse( $url, $args, $response, $this->host );
}
return $response;
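Review bot: The new fourth argument `$this->host` on the `logRequestResponse()` call reads a property that the trait does not visibly declare, so every class using `RequestTrait` has to provide a string `host`. If one does not, the value is null and the `string $host` parameter raises a TypeError, so a call that only exists for diagnostics would fail the request. Consider documenting the requirement on the trait with a docblock line such as `@property string $host Base URL of the API; required by request logging.`, or passing `$this->host ?? ''`. The enclosing method starts and ends outside the hunk.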


@ -69,9 +69,10 @@ class WooCommerceLogger implements LoggerInterface {
* @param string $url The request URL.
* @param array $args The request arguments.
* @param array|WP_Error $response The response or WP_Error on failure.
* @param string $host The host.
* @return void
*/
public function logRequestResponse( string $url, array $args, $response ) {
public function logRequestResponse( string $url, array $args, $response, string $host ) {
if ( is_wp_error( $response ) ) {
$this->error( $response->get_error_code() . ' ' . $response->get_error_message() );
@ -81,8 +82,17 @@ class WooCommerceLogger implements LoggerInterface {
$method = $args['method'] ?? '';
$output = $method . ' ' . $url . "\n";
if ( isset( $args['body'] ) ) {
if ( ! in_array(
$url,
array(
trailingslashit( $host ) . 'v1/oauth2/token/',
trailingslashit( $host ) . 'v1/oauth2/token?grant_type=client_credentials',
),
true
) ) {
$output .= 'Request Body: ' . wc_print_r( $args['body'], true ) . "\n";
}
}
if ( is_array( $response ) ) {
if ( isset( $response['headers']->getAll()['paypal-debug-id'] ) ) {
@ -90,11 +100,14 @@ class WooCommerceLogger implements LoggerInterface {
}
if ( isset( $response['response'] ) ) {
$output .= 'Response: ' . wc_print_r( $response['response'], true ) . "\n";
}
if ( isset( $response['body'] ) ) {
if ( isset( $response['body'] )
&& isset( $response['response']['code'] )
&& ! in_array( $response['response']['code'], array( 200, 201, 202, 204 ), true ) ) {
$output .= 'Response Body: ' . wc_print_r( $response['body'], true ) . "\n";
}
}
}
$this->info( $output );
}
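Review bot: The request-body guard in `logRequestResponse()` compares the full URL against two exact strings, so it fails open: a token request spelled any other way (`v1/oauth2/token` without the trailing slash, a different `grant_type`, extra query parameters) still has its body written to the log. Matching on the path is more robust, for example `$path = (string) wp_parse_url( $url, PHP_URL_PATH );` followed by `if ( false === strpos( $path, '/v1/oauth2/token' ) ) {`. The response-body check fails open in the same way: the strict `in_array( ..., true )` against integer codes would log a successful token response if the code ever arrives as a string, so comparing `(int) $response['response']['code']` is safer. Response bodies were logged unconditionally before this change, so existing log files may still hold tokens and are worth rotating or purging.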