scrub all requests and auth header, fix changeReader stall - fixes #255, #257 (#256)

weareu · web-flow · commit c84d0a43b13e · 2021-02-25T09:19:11.000Z
* scrub all requests and auth header - fixes #255 * change changeReader to max out retry back-off at one minute, instead of infinite - fixes #257 * also scrub URL for response headers - #256
diff --git a/lib/changesreader.js b/lib/changesreader.js
@@ -210,7 +210,7 @@ class ChangesReader {
               self.continue = false
             } else {
               // don't immediately retry on error - exponential back-off
-              delay = delay ? Math.max(60000, delay * 2) : 5000
+              delay = delay ? Math.min(60000, delay * 2) : 5000 // up to and no more than one minute
             }
 
             self.ee.emit(EVENT_ERROR, err)
diff --git a/lib/nano.js b/lib/nano.js
@@ -101,6 +101,22 @@ module.exports = exports = function dbScope (cfg) {
     }
     return str
   }
+
+  function scrubRequest (req, cloned) {
+    // scrub credentials
+    req.url = scrubURL(req.url)
+    if (req.headers.cookie) {
+      req.headers.cookie = 'XXXXXXX'
+    }
+    if (req.auth) {
+      if (!cloned) {
+        req.auth = JSON.parse(JSON.stringify(req.auth)) // clone just auth if not already cloned
+      }
+      req.auth.username = SCRUBBED_STR
+      req.auth.password = SCRUBBED_STR
+    }
+  }
+
   const responseHandler = function (response, req, opts, resolve, reject, callback) {
     const statusCode = response.status || (response.response && response.response.status) || 500
     if (response.isAxiosError && response.response) {
@@ -111,7 +127,7 @@ module.exports = exports = function dbScope (cfg) {
 
     // let parsed
     const responseHeaders = Object.assign({
-      uri: req.url,
+      uri: scrubURL(req.url),
       statusCode: statusCode
     }, response.headers)
     if (!response.status) {
@@ -163,11 +179,7 @@ module.exports = exports = function dbScope (cfg) {
     delete body.stack
 
     // scrub credentials
-    req.url = scrubURL(req.url)
-    responseHeaders.uri = scrubURL(responseHeaders.uri)
-    if (req.headers.cookie) {
-      req.headers.cookie = 'XXXXXXX'
-    }
+    scrubRequest(req)
 
     log({ err: 'couch', body: body, headers: responseHeaders })
 
@@ -201,6 +213,8 @@ module.exports = exports = function dbScope (cfg) {
     }
     const message = response.statusText
 
+    scrubRequest(req)
+
     const responseHeaders = Object.assign({
       uri: req.url,
       statusCode: statusCode
@@ -368,11 +382,7 @@ module.exports = exports = function dbScope (cfg) {
 
     // scrub and log
     const scrubbedReq = JSON.parse(JSON.stringify(req))
-    scrubbedReq.url = scrubURL(scrubbedReq.url)
-    if (scrubbedReq.auth) {
-      scrubbedReq.auth.username = SCRUBBED_STR
-      scrubbedReq.auth.password = SCRUBBED_STR
-    }
+    scrubRequest(scrubbedReq, true)
     log(scrubbedReq)
 
     // add http agents

Original file line number	Diff line number	Diff line change
`@@ -210,7 +210,7 @@ class ChangesReader {`
`210`	`210`	`self.continue = false`
`211`	`211`	`} else {`
`212`	`212`	`// don't immediately retry on error - exponential back-off`
`213`		`- delay = delay ? Math.max(60000, delay * 2) : 5000`
	`213`	`+ delay = delay ? Math.min(60000, delay * 2) : 5000 // up to and no more than one minute`
`214`	`214`	`}`
`215`	`215`
`216`	`216`	`self.ee.emit(EVENT_ERROR, err)`