Strip sensitive headers from output

Author: jochen-testingbot

src/main/java/com/testingbot/tunnel/Api.java

@@ -181,12 +181,11 @@ private JsonNode _post(String url, List<NameValuePair> postData) throws Exceptio
             }
 
             try {
-                String jsonData = responseBody.replaceAll("\\\\", "");
-                if (!jsonData.startsWith("{")) {
-                    jsonData = jsonData.substring(1, (jsonData.length() - 1));
+                JsonNode root = objectMapper.readTree(responseBody);
+                if (root.isTextual()) {
+                    root = objectMapper.readTree(root.asText());
                 }
-
-                return objectMapper.readTree(jsonData);
+                return root;
             }
             catch (Exception e) {
                 throw new Exception("Json parse error: " + e.getMessage() + " for " + responseBody);
@@ -218,12 +217,11 @@ private JsonNode _get(String url) throws Exception {
             }
 
             try {
-                String jsonData = responseBody.replaceAll("\\\\", "");
-                if (!jsonData.startsWith("{")) {
-                    jsonData = jsonData.substring(1, (jsonData.length() - 1));
+                JsonNode root = objectMapper.readTree(responseBody);
+                if (root.isTextual()) {
+                    root = objectMapper.readTree(root.asText());
                 }
-
-                return objectMapper.readTree(jsonData);
+                return root;
             }
             catch (Exception e) {
                 throw new Exception("Json parse error: " + e.getMessage() + " for " + responseBody);

src/main/java/com/testingbot/tunnel/App.java

@@ -522,7 +522,12 @@ private void startProxies() {
         }
 
         if (!this.noProxy) {
-            this.httpProxy = new HttpProxy(this);
+            try {
+                this.httpProxy = new HttpProxy(this);
+            } catch (HttpProxy.HttpProxyStartException ex) {
+                Logger.getLogger(App.class.getName()).log(Level.SEVERE, ex.getMessage());
+                System.exit(1);
+            }
             if (this.getProxy() == null && !this.httpProxy.testProxy()) {
                 Logger.getLogger(App.class.getName()).log(Level.INFO, "! Tunnel might not work properly, test failed");
             }

src/main/java/com/testingbot/tunnel/HttpProxy.java

@@ -125,8 +125,15 @@ public void start() {
         try {
             httpProxy.start();
         } catch (Exception ex) {
-            Logger.getLogger(HttpProxy.class.getName()).log(Level.SEVERE, "Could not set up local http proxy. Please make sure this program can open port {0} on this computer.", Integer.toString(app.getJettyPort()));
-            System.exit(1);
+            throw new HttpProxyStartException(
+                "Could not set up local http proxy. Please make sure this program can open port "
+                        + app.getJettyPort() + " on this computer.", ex);
+        }
+    }
+
+    public static final class HttpProxyStartException extends RuntimeException {
+        public HttpProxyStartException(String message, Throwable cause) {
+            super(message, cause);
         }
     }
 

src/main/java/com/testingbot/tunnel/proxy/CustomConnectHandler.java

@@ -144,7 +144,9 @@ public void handle(String target, Request baseRequest, HttpServletRequest reques
 
                 while (headerNames.hasMoreElements()) {
                     header = headerNames.nextElement();
-                    sb.append(header).append(": ").append(request.getHeader(header)).append(System.lineSeparator());
+                    sb.append(header).append(": ")
+                            .append(SensitiveHeaders.redactValue(header, request.getHeader(header)))
+                            .append(System.lineSeparator());
                 }
                 Logger.getLogger(CustomConnectHandler.class.getName()).log(Level.INFO, sb.toString());
             }

src/main/java/com/testingbot/tunnel/proxy/SensitiveHeaders.java

@@ -0,0 +1,28 @@
+package com.testingbot.tunnel.proxy;
+
+import java.util.Locale;
+import java.util.Set;
+
+final class SensitiveHeaders {
+    static final String REDACTED = "<redacted>";
+
+    private static final Set<String> NAMES = Set.of(
+            "authorization",
+            "proxy-authorization",
+            "cookie",
+            "set-cookie",
+            "x-api-key",
+            "x-auth-token"
+    );
+
+    private SensitiveHeaders() {
+    }
+
+    static boolean isSensitive(String name) {
+        return name != null && NAMES.contains(name.toLowerCase(Locale.ROOT));
+    }
+
+    static String redactValue(String name, String value) {
+        return isSensitive(name) ? REDACTED : value;
+    }
+}

src/main/java/com/testingbot/tunnel/proxy/TunnelProxyServlet.java

@@ -117,7 +117,9 @@ public void onComplete(Result result) {
 
                     while (headerNames.hasMoreElements()) {
                         header = headerNames.nextElement();
-                        sb.append(header).append(": ").append(request.getHeader(header)).append(System.lineSeparator());
+                        sb.append(header).append(": ")
+                                .append(SensitiveHeaders.redactValue(header, request.getHeader(header)))
+                                .append(System.lineSeparator());
                     }
 
                     Logger.getLogger(TunnelProxyServlet.class.getName()).log(Level.INFO, sb.toString());

src/test/java/com/testingbot/tunnel/ApiTest.java

@@ -501,4 +501,36 @@ void api_multipleSequentialCalls_shouldWork() throws Exception {
         assertThat(createResult.get("id").asText()).isEqualTo("seq-1");
         assertThat(pollResult.get("state").asText()).isEqualTo("RUNNING");
     }
+
+    @Test
+    void createTunnel_preservesBackslashesInStringValues() throws Exception {
+        wireMockServer.stubFor(post(urlPathEqualTo("/v1/tunnel/create"))
+            .willReturn(aResponse()
+                .withStatus(200)
+                .withHeader("Content-Type", "application/json")
+                .withBody("{\"id\":\"backslash\",\"path\":\"C:\\\\Users\\\\test\",\"message\":\"line1\\nline2\"}")));
+
+        api = createApiWithMockServer();
+
+        JsonNode result = api.createTunnel();
+
+        assertThat(result.get("path").asText()).isEqualTo("C:\\Users\\test");
+        assertThat(result.get("message").asText()).isEqualTo("line1\nline2");
+    }
+
+    @Test
+    void createTunnel_handlesJsonEncodedAsString() throws Exception {
+        wireMockServer.stubFor(post(urlPathEqualTo("/v1/tunnel/create"))
+            .willReturn(aResponse()
+                .withStatus(200)
+                .withHeader("Content-Type", "application/json")
+                .withBody("\"{\\\"id\\\":\\\"wrapped\\\",\\\"state\\\":\\\"READY\\\"}\"")));
+
+        api = createApiWithMockServer();
+
+        JsonNode result = api.createTunnel();
+
+        assertThat(result.get("id").asText()).isEqualTo("wrapped");
+        assertThat(result.get("state").asText()).isEqualTo("READY");
+    }
 }

src/test/java/com/testingbot/tunnel/HttpProxyTest.java

@@ -7,6 +7,7 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatCode;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 class HttpProxyTest {
 
@@ -68,6 +69,16 @@ void testProxy_shouldValidateProxyFunctionality() {
         assertThat(result).isFalse(); // Expected in test environment
     }
 
+    @Test
+    void start_whenPortAlreadyBound_throwsHttpProxyStartException() throws Exception {
+        try (ServerSocket blocker = new ServerSocket(0)) {
+            app.setJettyPort(blocker.getLocalPort());
+            assertThatThrownBy(() -> new HttpProxy(app))
+                .isInstanceOf(HttpProxy.HttpProxyStartException.class)
+                .hasMessageContaining(Integer.toString(blocker.getLocalPort()));
+        }
+    }
+
     private int findFreePort() {
         try (ServerSocket socket = new ServerSocket(0)) {
             return socket.getLocalPort();

src/test/java/com/testingbot/tunnel/proxy/SensitiveHeadersTest.java

@@ -0,0 +1,52 @@
+package com.testingbot.tunnel.proxy;
+
+import org.junit.jupiter.api.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class SensitiveHeadersTest {
+
+    @Test
+    void isSensitive_isCaseInsensitive() {
+        assertThat(SensitiveHeaders.isSensitive("Authorization")).isTrue();
+        assertThat(SensitiveHeaders.isSensitive("AUTHORIZATION")).isTrue();
+        assertThat(SensitiveHeaders.isSensitive("authorization")).isTrue();
+    }
+
+    @Test
+    void isSensitive_recognizesKnownHeaders() {
+        assertThat(SensitiveHeaders.isSensitive("Proxy-Authorization")).isTrue();
+        assertThat(SensitiveHeaders.isSensitive("Cookie")).isTrue();
+        assertThat(SensitiveHeaders.isSensitive("Set-Cookie")).isTrue();
+        assertThat(SensitiveHeaders.isSensitive("X-Api-Key")).isTrue();
+        assertThat(SensitiveHeaders.isSensitive("X-Auth-Token")).isTrue();
+    }
+
+    @Test
+    void isSensitive_returnsFalseForOrdinaryHeaders() {
+        assertThat(SensitiveHeaders.isSensitive("User-Agent")).isFalse();
+        assertThat(SensitiveHeaders.isSensitive("Content-Type")).isFalse();
+        assertThat(SensitiveHeaders.isSensitive("Host")).isFalse();
+    }
+
+    @Test
+    void isSensitive_handlesNull() {
+        assertThat(SensitiveHeaders.isSensitive(null)).isFalse();
+    }
+
+    @Test
+    void redactValue_masksSensitiveValue() {
+        assertThat(SensitiveHeaders.redactValue("Authorization", "Bearer secret"))
+                .isEqualTo(SensitiveHeaders.REDACTED);
+        assertThat(SensitiveHeaders.redactValue("Cookie", "sid=abc"))
+                .isEqualTo(SensitiveHeaders.REDACTED);
+    }
+
+    @Test
+    void redactValue_passesOrdinaryHeaderThrough() {
+        assertThat(SensitiveHeaders.redactValue("User-Agent", "curl/8"))
+                .isEqualTo("curl/8");
+        assertThat(SensitiveHeaders.redactValue("Content-Type", "text/plain"))
+                .isEqualTo("text/plain");
+    }
+}