New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@instana/core
Advanced tools
@instana/core - npm Package Compare versions
Comparing version 1.124.0 to 1.125.0
| { | ||
| "name": "@instana/core", | ||
| "version": "1.124.0", | ||
| "version": "1.125.0", | ||
| "description": "Core library for Instana's Node.js packages", | ||
@@ -136,3 +136,3 @@ "main": "src/index.js", | ||
| }, | ||
| "gitHead": "70dd8de8d97acf6f11aa501ad120570f0aceb814" | ||
| "gitHead": "a5df61b17bd1b503ba5cd9c91e9da1f0d6250c72" | ||
| } |
@@ -15,7 +15,4 @@ /* | ||
| const tracingUtil = require('../../tracingUtil'); | ||
| const urlUtil = require('../../../util/url'); | ||
| const { filterParams, sanitizeUrl } = require('../../../util/url'); | ||
| const discardUrlParameters = urlUtil.discardUrlParameters; | ||
| const filterParams = urlUtil.filterParams; | ||
| let extraHttpHeadersToCapture; | ||
@@ -98,3 +95,3 @@ let isActive = false; | ||
| const pathWithoutQuery = discardUrlParameters(path); | ||
| const pathWithoutQuery = sanitizeUrl(path); | ||
| const params = splitAndFilter(path); | ||
@@ -101,0 +98,0 @@ |
@@ -16,7 +16,4 @@ /* | ||
| const tracingHeaders = require('../../tracingHeaders'); | ||
| const urlUtil = require('../../../util/url'); | ||
| const { filterParams, sanitizeUrl } = require('../../../util/url'); | ||
| const discardUrlParameters = urlUtil.discardUrlParameters; | ||
| const filterParams = urlUtil.filterParams; | ||
| let extraHttpHeadersToCapture; | ||
@@ -132,3 +129,3 @@ let isActive = false; | ||
| method, | ||
| url: discardUrlParameters(pathParts.shift()), | ||
| url: sanitizeUrl(pathParts.shift()), | ||
| params: pathParts.length > 0 ? pathParts.join('?') : undefined, | ||
@@ -135,0 +132,0 @@ host: authority, |
@@ -15,3 +15,3 @@ /* | ||
| const tracingUtil = require('../../tracingUtil'); | ||
| const urlUtil = require('../../../util/url'); | ||
| const { filterParams, sanitizeUrl } = require('../../../util/url'); | ||
| const httpCommon = require('./_http'); | ||
@@ -22,5 +22,2 @@ const constants = require('../../constants'); | ||
| const discardUrlParameters = urlUtil.discardUrlParameters; | ||
| const filterParams = urlUtil.filterParams; | ||
| let extraHttpHeadersToCapture; | ||
@@ -150,6 +147,6 @@ let isActive = false; | ||
| // just one string.... | ||
| completeCallUrl = discardUrlParameters(urlArg); | ||
| completeCallUrl = sanitizeUrl(urlArg); | ||
| params = splitAndFilter(urlArg); | ||
| } else if (urlArg && isUrlObject(urlArg)) { | ||
| completeCallUrl = discardUrlParameters(url.format(urlArg)); | ||
| completeCallUrl = sanitizeUrl(url.format(urlArg)); | ||
| params = dropLeadingQuestionMark(filterParams(urlArg.search)); | ||
@@ -278,3 +275,3 @@ } else if (options) { | ||
| if (options.href) { | ||
| return [discardUrlParameters(options.href), splitAndFilter(options.href)]; | ||
| return [sanitizeUrl(options.href), splitAndFilter(options.href)]; | ||
| } | ||
@@ -293,3 +290,3 @@ | ||
| const path = options.path || '/'; | ||
| return [discardUrlParameters(`${protocol}//${host}:${port}${path}`), splitAndFilter(path)]; | ||
| return [sanitizeUrl(`${protocol}//${host}:${port}${path}`), splitAndFilter(path)]; | ||
| } catch (e) { | ||
@@ -296,0 +293,0 @@ return [undefined, undefined]; |
@@ -13,3 +13,3 @@ /* | ||
| const tracingHeaders = require('../../tracingHeaders'); | ||
| const urlUtil = require('../../../util/url'); | ||
| const { filterParams, sanitizeUrl } = require('../../../util/url'); | ||
| const httpCommon = require('./_http'); | ||
@@ -19,5 +19,2 @@ const shimmer = require('shimmer'); | ||
| const discardUrlParameters = urlUtil.discardUrlParameters; | ||
| const filterParams = urlUtil.filterParams; | ||
| let extraHttpHeadersToCapture; | ||
@@ -105,3 +102,3 @@ let isActive = false; | ||
| method: req.method, | ||
| url: discardUrlParameters(urlParts.shift()), | ||
| url: sanitizeUrl(urlParts.shift()), | ||
| params: urlParts.length > 0 ? urlParts.join('?') : undefined, | ||
@@ -108,0 +105,0 @@ host: req.headers.host, |
@@ -8,26 +8,52 @@ /* | ||
| const url = require('url'); | ||
| const secrets = require('../secrets'); | ||
| /** | ||
| * @param {string} url | ||
| * @returns {string} | ||
| * @param {string} urlString the URL that will be sanitized | ||
| * @returns {string} the URL, without query parameters, matrix parameters and with basic auth credentials redacted | ||
| */ | ||
| exports.discardUrlParameters = function discardUrlParameters(url) { | ||
| let index = getCharCountUntilOccurenceOfChar(url, '?'); | ||
| index = Math.min(index, getCharCountUntilOccurenceOfChar(url, '#')); | ||
| index = Math.min(index, getCharCountUntilOccurenceOfChar(url, ';')); | ||
| return url.substring(0, index); | ||
| exports.sanitizeUrl = function sanitizeUrl(urlString) { | ||
| let normalizedUrl; | ||
| try { | ||
| // This currently uses the legacy URL API. As soon as we drop support for Node.js 6 we should move to the | ||
| // WHATWG URL API (https://nodejs.org/api/url.html#url_the_whatwg_url_api). | ||
| const p = url.parse(urlString); | ||
| if (p.protocol == null && p.host == null && p.pathname == null) { | ||
| return urlString; | ||
| } | ||
| normalizedUrl = `${nullToEmptyString(p.protocol)}${p.protocol != null || p.host != null ? '//' : ''}${ | ||
| p.auth != null ? '<redacted>:<redacted>@' : '' | ||
| }${nullToEmptyString(p.host)}${nullToEmptyString(p.pathname)}`; | ||
| } catch (e) { | ||
| return urlString; | ||
| } | ||
| // url.parse does not take care of matrix params starting with ";", so we have to remove those manually. | ||
| const indexOfSemicolon = getCharCountUntilOccurenceOfChar(normalizedUrl, ';'); | ||
| return normalizedUrl.substring(0, indexOfSemicolon); | ||
| }; | ||
| /** | ||
| * @param {string} s | ||
| * @param {string} char | ||
| * @returns {number} | ||
| * @param {string} string the string to normalize | ||
| * @returns {string} returns the string unchanged, unless it is null or undefined, in that case an empty string is | ||
| * returned | ||
| */ | ||
| function getCharCountUntilOccurenceOfChar(s, char) { | ||
| const index = s.indexOf(char); | ||
| return index === -1 ? s.length : index; | ||
| function nullToEmptyString(string) { | ||
| return string == null ? '' : string; | ||
| } | ||
| /** | ||
| * @param {string} haystack the string in which to search for the needle | ||
| * @param {string} needle the character to search for | ||
| * @returns {number} the number of characters in haystack until the first occurence of needle or the length of haystack, | ||
| * if haystack does not contain needle | ||
| */ | ||
| function getCharCountUntilOccurenceOfChar(haystack, needle) { | ||
| const index = haystack.indexOf(needle); | ||
| return index === -1 ? haystack.length : index; | ||
| } | ||
| /** | ||
| * @param {string} queryString | ||
@@ -34,0 +60,0 @@ */ |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.18%
503519
- Lines of code
- increased by0.11%
14288
No dependency changes