From f00f8346f143dc306e184b6d479294ab11a4ff55 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Mon, 15 Jun 2015 13:37:58 +0100
Subject: [PATCH] Make http.server request logging more verbose, but redact
 access_tokens

---
 synapse/http/server.py | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/synapse/http/server.py b/synapse/http/server.py
index ae8f3b397..e6e8a59f6 100644
--- a/synapse/http/server.py
+++ b/synapse/http/server.py
@@ -32,6 +32,7 @@ from twisted.web.util import redirectTo
 
 import collections
 import logging
+import re
 import urllib
 
 logger = logging.getLogger(__name__)
@@ -82,9 +83,18 @@ def request_handler(request_handler):
             code = None
             start = self.clock.time_msec()
             try:
+                request_uri = request.uri
+
+                # Don't log access_tokens
+                request_uri = re.sub(
+                    r'(\?.*access_token=)[^&]*(.*)$',
+                    r'\1<redacted>\2',
+                    request_uri
+                )
+
                 logger.info(
-                    "Received request: %s %s",
-                    request.method, request.path
+                    "%s - Received request: %s %s",
+                    request.getClientIP(), request.method, request_uri
                 )
                 d = request_handler(self, request)
                 with PreserveLoggingContext():