Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 14:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

http: fix password capture when enabled

Browse source 
The current implementation would only log, if the password contains a
colon, the part before the first colon (e.g., the password
`password:password` would be logged as `password`).

A test has been added to confirm the expected behaviour.
This commit is contained in:
Pierre Lalet 2024-08-28 21:44:39 +02:00
parent 79ebce6e3c
commit 88368ae856
4 changed files with 21 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
testing/btest/scripts/base/protocols/http/http-basic-auth-colon.zeek Normal file
View file

@ -0,0 +1,8 @@
# Authorization: Basic password has a colon in its value
#
# @TEST-EXEC: zeek -b -r $TRACES/http/basic-auth-with-colon.trace %INPUT
# @TEST-EXEC: btest-diff http.log
@load base/protocols/http
redef HTTP::default_capture_password = T;