zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix password censoring breaking post data

Browse Source
This commit is contained in:
zefie
2022-10-09 20:58:02 -04:00
parent bebc455ce6
commit bf35f0ba60
1 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
zefie_wtvp_minisrv/WTVShared.js
View File

@@ -385,7 +385,7 @@ class WTVShared {
return obj.substr(0, 6) + ('*').repeat(9); return obj.substr(0, 6) + ('*').repeat(9);
} }
} else { } else {
var newobj = this.v8.deserialize(this.v8.serialize(obj)); var newobj = Object.assign({}, obj);
if (obj.post_data) newobj.post_data = obj.post_data; if (obj.post_data) newobj.post_data = obj.post_data;
if (newobj["wtv-client-serial-number"]) { if (newobj["wtv-client-serial-number"]) {
var ssid = newobj["wtv-client-serial-number"]; var ssid = newobj["wtv-client-serial-number"];
@@ -407,7 +407,7 @@ class WTVShared {
filterRequestLog(obj) { filterRequestLog(obj) {
if (this.minisrv_config.config.filter_passwords_in_logs === true) { if (this.minisrv_config.config.filter_passwords_in_logs === true) {
if (obj.query) { if (obj.query) {
var newobj = this.v8.deserialize(this.v8.serialize(obj)); var newobj = Object.assign({}, obj);
if (obj.post_data) newobj.post_data = obj.post_data; if (obj.post_data) newobj.post_data = obj.post_data;
Object.keys(newobj.query).forEach(function (k) { Object.keys(newobj.query).forEach(function (k) {
var key = k.toLowerCase(); var key = k.toLowerCase();
@@ -430,16 +430,20 @@ class WTVShared {
// complex, to filter // complex, to filter
var post_obj = {}; var post_obj = {};
post_obj.query = []; post_obj.query = [];
var post_text = obj.post_data.toString(this.CryptoJS.enc.Utf8); try {
if (post_text.length > 0) { var post_text = obj.post_data.toString(this.CryptoJS.enc.Utf8);
post_text = post_text.split("&"); if (post_text.length > 0) {
for (let i = 0; i < post_text.length; i++) { post_text = post_text.split("&");
var qraw_split = post_text[i].split("="); for (let i = 0; i < post_text.length; i++) {
if (qraw_split.length == 2) { var qraw_split = post_text[i].split("=");
var k = qraw_split[0]; if (qraw_split.length == 2) {
post_obj.query[k] = unescape(post_text[i].split("=")[1].replace(/\+/g, "%20")); var k = qraw_split[0];
post_obj.query[k] = unescape(post_text[i].split("=")[1].replace(/\+/g, "%20"));
}
} }
} }
} catch (e) {
} }
var post_obj = this.filterRequestLog(post_obj); var post_obj = this.filterRequestLog(post_obj);
post_text = ""; post_text = "";