remove token from notifier middleware

oslo-incubator sync to address the security bug in middleware (as below). notifier middleware is capturing token and sending it to MQ. this is not advisable so we should filter it out. Change-Id: Ia1bfa1bd24989681db1d2f385defc12e69a01f8d Closes-Bug: #1321080
2014-06-19 02:30:13 +00:00 · 2014-06-19 02:30:13 +00:00 · 0324965a0c
parent d568fee34b
commit 0324965a0c
3 changed files with 10 additions and 10 deletions
--- a/neutron/openstack/common/middleware/catch_errors.py
+++ b/neutron/openstack/common/middleware/catch_errors.py
@ -22,7 +22,7 @@ to hide internal errors from API response.
 import webob.dec
 import webob.exc
-from neutron.openstack.common.gettextutils import _  # noqa
+from neutron.openstack.common.gettextutils import _LE
 from neutron.openstack.common import log as logging
 from neutron.openstack.common.middleware import base
@ -37,7 +37,7 @@ class CatchErrorsMiddleware(base.Middleware):
        try:
            response = req.get_response(self.application)
        except Exception:
-            LOG.exception(_('An error occurred during '
+            LOG.exception(_LE('An error occurred during '
-                            'processing the request: %s'))
+                              'processing the request: %s'))
            response = webob.exc.HTTPInternalServerError()
        return response
--- a/neutron/openstack/common/middleware/notifier.py
+++ b/neutron/openstack/common/middleware/notifier.py
@ -24,7 +24,7 @@ import six
 import webob.dec
 from neutron.openstack.common import context
-from neutron.openstack.common.gettextutils import _
+from neutron.openstack.common.gettextutils import _LE
 from neutron.openstack.common import log as logging
 from neutron.openstack.common.middleware import base
 from neutron.openstack.common.notifier import api
@ -37,8 +37,8 @@ def log_and_ignore_error(fn):
        try:
            return fn(*args, **kwargs)
        except Exception as e:
-            LOG.exception(_('An exception occurred processing '
+            LOG.exception(_LE('An exception occurred processing '
-                            'the API call: %s ') % e)
+                              'the API call: %s ') % e)
    return wrapped
@ -56,7 +56,7 @@ class RequestNotifier(base.Middleware):
        return _factory
    def __init__(self, app, **conf):
-        self.service_name = conf.get('service_name', None)
+        self.service_name = conf.get('service_name')
        self.ignore_req_list = [x.upper().strip() for x in
                                conf.get('ignore_req_list', '').split(',')]
        super(RequestNotifier, self).__init__(app)
@ -68,7 +68,7 @@ class RequestNotifier(base.Middleware):
        """
        return dict((k, v) for k, v in six.iteritems(environ)
-                    if k.isupper())
+                    if k.isupper() and k != 'HTTP_X_AUTH_TOKEN')
    @log_and_ignore_error
    def process_request(self, request):
--- a/neutron/openstack/common/middleware/sizelimit.py
+++ b/neutron/openstack/common/middleware/sizelimit.py
@ -29,8 +29,8 @@ from neutron.openstack.common.middleware import base
 max_req_body_size = cfg.IntOpt('max_request_body_size',
                               deprecated_name='osapi_max_request_body_size',
                               default=114688,
-                               help='the maximum body size '
+                               help='The maximum body size '
-                                    'per each request(bytes)')
+                                    'per request, in bytes')
 CONF = cfg.CONF
 CONF.register_opt(max_req_body_size)