From dcedd16f3f27f9de7948de1f0ebbb88b5349ed3b Mon Sep 17 00:00:00 2001
From: Jack Seaton
Date: Thu, 11 Oct 2018 17:01:08 -0600
Subject: [PATCH] Added ability to hide sensative logs
---
 splash/resources.py | 10 ++++++++++
 splash/server.py | 6 +++++-
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/splash/resources.py b/splash/resources.py
index 2b5b42889..91fd9f513 100644
--- a/splash/resources.py
+++ b/splash/resources.py
@@ -196,6 +196,13 @@ def _write_expired_args(self, request, expired_args):
 return self._write_error(request, 498, ex)
 def _log_stats(self, request, options, error=None):
+
+ if self.hide_passed_json_and_lua_source:
+ if 'posted_json' in options:
+ del options['posted_json']
+ if 'lua_source' in options:
+ del options['lua_source']
+
 msg = {
 # Anything we retrieve from Twisted request object contains bytes.
 # We have to convert it to unicode first for json.dump to succeed.
@@ -280,6 +287,9 @@ def __init__(self, pool, sandboxed,
 self.strict = strict
 self.implicit_main = implicit_main
+ # This is hardcoded, but should be set via the command line arg. Not sure where that would be...
+ self.hide_passed_json_and_lua_source = True
+
 def _get_render(self, request, options):
 params = dict(
 proxy=options.get_proxy(),
diff --git a/splash/server.py b/splash/server.py
index 1b0aa5301..224f3d51b 100644
--- a/splash/server.py
+++ b/splash/server.py
@@ -64,7 +64,7 @@ def parse_opts(jupyter=False, argv=sys.argv):
 help="print Splash version number and exit")
 if not jupyter:
- # This options are specific of splash server and not used in splash-jupyter
+ # These options are specific to splash server and not used in splash-jupyter
 op.add_option("-p", "--port", type="int", default=defaults.SPLASH_PORT, help="port to listen to (default: %default)")
 op.add_option("-i", "--ip", type="string", default=defaults.SPLASH_IP,
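Review bot: The redaction added at the top of `_log_stats` deletes `posted_json` and `lua_source` from the `options` object the caller passed in, so a logging helper now mutates request state that other code may still read after the log call. Filtering a copy keeps the side effect out of the caller's data: `options = {k: v for k, v in options.items() if k not in ('posted_json', 'lua_source')}` (this assumes `options` is a plain dict, which the `in`/`del` usage suggests but the hunk does not show). The two-key denylist also leaves every other argument in the log record, so a secret carried in any other logged field would still be written; a short comment on the block stating exactly what is and is not stripped would set the right expectation. The rest of `_log_stats` lies outside the hunk.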
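Review bot: `self.hide_passed_json_and_lua_source = True` in `__init__` is unconditional, and nothing in the visible hunks passes the parsed `--hide_passed_json_and_lua_source` value to this class, so the new flag (declared with `default=False` in splash/server.py) appears to have no effect and redaction is always on. Take the value as a keyword argument instead, e.g. `hide_passed_json_and_lua_source=False` in the signature and `self.hide_passed_json_and_lua_source = hide_passed_json_and_lua_source` here, and pass `opts.hide_passed_json_and_lua_source` where the resource is constructed. Whichever default is chosen, the attribute and the command-line help should agree on it, since operators will rely on the documented behaviour when deciding whether request bodies can reach their log store. The `__init__` signature and the construction site are outside the hunk.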
@@ -82,6 +82,10 @@ def parse_opts(jupyter=False, argv=sys.argv):
 op.add_option("--argument-cache-max-entries", type="int", default=defaults.ARGUMENT_CACHE_MAX_ENTRIES, help="maximum number of entries in arguments cache (default: %default)")
+ op.add_option("--hide_passed_json_and_lua_source",
+ action="store_true",
+ default=False,
+ help="Hides `posted_json` and `lua_source` from final logs. Added security measure as you're not logging passwords, emails, etc.")
 opts, args = op.parse_args(argv)
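Review bot: The option is spelled `--hide_passed_json_and_lua_source` with underscores, while the neighbouring option in this hunk uses hyphens (`--argument-cache-max-entries`); `--hide-passed-json-and-lua-source` would match, and optparse derives the same `dest` from it. The help text also promises more than the change delivers: only the `posted_json` and `lua_source` keys are dropped, so "you're not logging passwords, emails, etc." holds only when such values travel in those two fields. Suggested wording: `help="omit posted_json and lua_source from the request log; other arguments are still logged"`. `parse_opts` continues outside the hunk.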