Skip to content

G
golang
Commit 6752ce93 authored by Scott Lawrence's avatar Scott Lawrence Committed by Russ Cox
Browse files
Options

http: obscure passwords in return value of URL.String 

Fixes #974.

R=rsc
CC=golang-dev
https://golang.org/cl/1742057
parent 25410fc5
Hide whitespace changes
Inline Side-by-side
Showing with 30 additions and 1 deletion
src/pkg/http/client.go
View file @ 6752ce93
......@@ -118,6 +118,7 @@ func Get(url string) (r *Response, finalURL string, err os.Error) {
if req.URL, err = ParseURL(url); err != nil {
break
}
url = req.URL.String()
if r, err = send(&req); err != nil {
break
}
......@@ -167,6 +168,7 @@ func Head(url string) (r *Response, err os.Error) {
if req.URL, err = ParseURL(url); err != nil {
return
}
url = req.URL.String()
if r, err = send(&req); err != nil {
return
}
......
src/pkg/http/url.go
View file @ 6752ce93
......@@ -389,7 +389,12 @@ func (url *URL) String() string {
if url.Host != "" || url.Userinfo != "" {
result += "//"
if url.Userinfo != "" {
result += urlEscape(url.Userinfo, false) + "@"
// hide the password, if any
info := url.Userinfo
if i := strings.Index(info, ":"); i >= 0 {
info = info[0:i] + ":******"
}
result += urlEscape(info, false) + "@"
}
result += url.Host
}
......
src/pkg/http/url_test.go
View file @ 6752ce93
......@@ -185,6 +185,28 @@ var urltests = []URLTest{
},
"",
},
URLTest{
"http://user:password@google.com",
&URL{
Raw: "http://user:password@google.com",
Scheme: "http",
Authority: "user:password@google.com",
Userinfo: "user:password",
Host: "google.com",
},
"http://user:******@google.com",
},
URLTest{
"http://user:longerpass@google.com",
&URL{
Raw: "http://user:longerpass@google.com",
Scheme: "http",
Authority: "user:longerpass@google.com",
Userinfo: "user:longerpass",
Host: "google.com",
},
"http://user:******@google.com",
},
}
var urlnofragtests = []URLTest{
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment