smolnar82 opened a new pull request, #1062:
URL: https://github.com/apache/knox/pull/1062

   
:exclamation::exclamation::exclamation:IMPORTANT:exclamation::exclamation::exclamation:
   This PR is an almost identical copy of #914 (including this description), 
except:
   - sanitizer configuration init is extracted to a private method
   - a new factory method was created in a singleton class to ensure the new 
`SanitizedException` still complies with the Single Responsibility principle, 
but sanitization is centralized and reusable.
   - new test cases added to the sanitization logic
   - new exception constructor w/o message
   
   ## What changes were proposed in this pull request?
   
   This pull request introduces a mechanism to sanitize error messages in the 
`GatewayServlet` to improve security by hiding IP addresses from exception 
messages. The following changes were made:
   - Added an `isErrorMessageSanitizationEnabled` flag to the `GatewayServlet` 
to control whether error messages should be sanitized.
   - Implemented the `sanitizeException` and `sanitizeAndRethrow` methods in 
`GatewayServlet` to handle exception sanitization.
   - Updated the `GatewayConfig` interface and its implementation 
`GatewayConfigImpl` to include a new method `isErrorMessageSanitizationEnabled`.
   - Created the `GatewayServletTest` class to parameterize tests for scenarios 
where sanitization is enabled and disabled.
   
   ## How was this patch tested?
   
   This patch was tested using the following methods:
   - Parameterized unit tests were added to `GatewayServletTest` to cover both 
scenarios where error message sanitization is enabled and disabled.
   - Manual review and inspection of the code changes to ensure accuracy and 
completeness.
   
   Test steps:
   1. Added unit tests in `GatewayServletTest` to check for sanitized and 
non-sanitized error messages.
   2. Verified the new tests pass successfully, ensuring error messages are 
appropriately sanitized or left unchanged based on the configuration.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
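
The behaviour described in the pull request (hide IP addresses in exception messages, controlled by a flag), sketched as an added example; this is not code from the PR or from Knox. The class name, method signatures, the `[hidden]` placeholder, the IPv4-only pattern and the choice to drop the cause chain are assumptions, and the sample messages are constructed.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added illustration; class and method names are hypothetical, not Knox's API.
public class ErrorMessageSanitizerExample {
  // IPv4 only, octets 0-255; lookarounds skip longer dotted runs such as 1.2.3.4.5
  private static final String OCTET = "(?:25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)";
  private static final Pattern IPV4 = Pattern.compile(
      "(?<!\\d)(?<!\\d\\.)" + OCTET + "(?:\\." + OCTET + "){3}(?!\\d|\\.\\d)");
  static final String PLACEHOLDER = "[hidden]";

  static String sanitize(String message, boolean enabled) {
    if (!enabled || message == null) {
      return message; // null messages and the disabled case pass through unchanged
    }
    return IPV4.matcher(message).replaceAll(Matcher.quoteReplacement(PLACEHOLDER));
  }

  // Builds a new exception so the unsanitized message and cause chain are not passed on.
  static Exception sanitizeException(Exception e, boolean enabled) {
    if (!enabled || e == null || e.getMessage() == null) {
      return e;
    }
    Exception clean = new Exception(sanitize(e.getMessage(), true));
    clean.setStackTrace(e.getStackTrace()); // keep the frames for debugging
    return clean;
  }

  public static void main(String[] args) {
    // Constructed sample messages, not taken from Knox logs.
    String[] samples = {
      "Connection refused: backend/10.0.0.5:8443",
      "Failed to reach 192.168.1.20.",
      "Unsupported client version 1.2.3.4.5",
      null
    };
    for (String s : samples) {
      System.out.println(sanitize(s, true) + " | " + sanitize(s, false));
    }
    Exception out = sanitizeException(new java.io.IOException("No route to host 172.16.4.9"), true);
    System.out.println(out.getMessage());
  }
}
```

The pattern covers IPv4 only; IPv6 literals and hostnames in messages would need their own handling.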
