VictoriaMetrics/app/vmalert/utils_test.go
Dmytro Kozlov 1c257af367
app/vmalert: hide sensetive info in the vmalert (#5059)
Strip sensitive information such as auth headers or passwords from datasource, remote-read,
remote-write or notifier URLs in log messages or UI. This behavior is by default and is controlled via
`-datasource.showURL`, `-remoteRead.showURL`, `remoteWrite.showURL` or `-notifier.showURL` cmd-line flags.

https://github.com/VictoriaMetrics/VictoriaMetrics/issues/5044
2023-10-16 01:42:39 +02:00

75 lines
2.2 KiB
Go

package main
import (
"net/http"
"testing"
)
func TestRequestToCurl(t *testing.T) {
f := func(req *http.Request, exp string) {
t.Helper()
got := requestToCurl(req)
if got != exp {
t.Fatalf("expected to have %q; got %q instead", exp, got)
}
}
newReq := func(url string, queryParams ...string) *http.Request {
t.Helper()
r, err := http.NewRequest(http.MethodPost, url, nil)
if err != nil {
t.Fatal(err)
}
params := r.URL.Query()
for i := 0; i < len(queryParams); i += 2 {
params.Add(queryParams[i], queryParams[i+1])
}
r.URL.RawQuery = params.Encode()
return r
}
req := newReq("foo.com")
f(req, "curl -X POST 'http://foo.com'")
req = newReq("foo.com")
req.Header.Set("foo", "bar")
req.Header.Set("baz", "qux")
f(req, "curl -X POST -H 'Baz: qux' -H 'Foo: bar' 'http://foo.com'")
req = newReq("foo.com", "query", "up", "step", "10")
f(req, "curl -X POST 'http://foo.com?query=up&step=10'")
req = newReq("http://foo.com", "query", "up", "step", "10")
f(req, "curl -X POST 'http://foo.com?query=up&step=10'")
req = newReq("https://foo.com", "query", "up", "step", "10")
f(req, "curl -k -X POST 'https://foo.com?query=up&step=10'")
req = newReq("https://user:pass@foo.com", "query", "up", "step", "10")
f(req, "curl -k -X POST 'https://user:xxxxx@foo.com?query=up&step=10'")
req = newReq("https://user:pass@foo.com")
req.Header.Set("Authorisation", "Bearer 123456")
f(req, "curl -k -X POST -H 'Authorisation: <secret>' 'https://user:xxxxx@foo.com'")
req = newReq("https://user:pass@foo.com")
req.Header.Set("Authorisation", "Basic 123456")
f(req, "curl -k -X POST -H 'Authorisation: <secret>' 'https://user:xxxxx@foo.com'")
req = newReq("https://foo.com")
req.Header.Set("My-Password", "mypassword")
f(req, "curl -k -X POST -H 'My-Password: <secret>' 'https://foo.com'")
req = newReq("https://foo.com")
req.Header.Set("key-for", "my-new-key")
f(req, "curl -k -X POST -H 'Key-For: <secret>' 'https://foo.com'")
req = newReq("https://foo.com")
req.Header.Set("My-Secret-Org", "secret-organisation")
f(req, "curl -k -X POST -H 'My-Secret-Org: <secret>' 'https://foo.com'")
req = newReq("https://foo.com")
req.Header.Set("Token", "secret-token")
f(req, "curl -k -X POST -H 'Token: <secret>' 'https://foo.com'")
}