SNOW-1623135: Add Axios error & response sanitization (#894)

snowflakedb · Aug 23, 2024 · 740a345 · 740a345
1 parent 5cd9737
commit 740a345
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 9 deletions.
diff --git a/lib/http/base.js b/lib/http/base.js
@@ -33,13 +33,15 @@ HttpClient.prototype.request = function (options) {
   const requestOptions = prepareRequestOptions.call(this, options);
   let sendRequest = async function sendRequest() {
     request = axios.request(requestOptions).then(response => {
+      sanitizeAxiosResponse(response);
       if (Util.isFunction(options.callback)) {
         return options.callback(null, normalizeResponse(response), response.data);
       } else {
         Logger.getInstance().trace(`Callback function was not provided for the call to ${options.url}`);
         return null;
       }
     }).catch(err => {
+      sanitizeAxiosError(err);
       if (Util.isFunction(options.callback)) {
         if (err.response) { // axios returns error for not 2xx responses - let's unwrap it
           options.callback(null, normalizeResponse(err.response), err.response.data);
@@ -76,16 +78,19 @@ HttpClient.prototype.request = function (options) {
  * @returns {Object} an object representing the request that was issued.
  */
 HttpClient.prototype.requestAsync = async function (options) {
-  const requestOptions = prepareRequestOptions.call(this, options);
-
-  const response = await axios.request(requestOptions);
-
-  if (Util.isString(response['data']) &&
-    response['headers']['content-type'] === 'application/json') {
-    response['data'] = JSON.parse(response['data']);
+  try {
+    const requestOptions = prepareRequestOptions.call(this, options);
+    const response = await axios.request(requestOptions);
+    if (Util.isString(response['data']) &&
+        response['headers']['content-type'] === 'application/json') {
+      response['data'] = JSON.parse(response['data']);
+    }
+    sanitizeAxiosResponse(response);
+    return response;
+  } catch (err) {
+    sanitizeAxiosError(err);
+    throw err;
   }
-
-  return response;
 };
 
 /**
@@ -178,6 +183,22 @@ HttpClient.prototype.getAgent = function () {
 
 module.exports = HttpClient;
 
+function sanitizeAxiosResponse(response) {
+  response.request = undefined;
+  if (response.config) {
+    response.config.data = undefined;
+    response.config.headers = undefined;
+  }
+}
+
+function sanitizeAxiosError(error) {
+  error.request = undefined;
+  error.config = undefined;
+  if (error.response) {
+    sanitizeAxiosResponse(error.response);
+  }
+}
+
 function prepareRequestOptions(options) {
   const headers = normalizeHeaders(options.headers) || {};
 

diff --git a/test/integration/testConnection.js b/test/integration/testConnection.js
@@ -110,6 +110,29 @@ describe('Connection test', function () {
 
     timeout();
   });
+
+  it('Failed connections returns sanitized error', function (done) {
+    const somePassword = '______FffU@xEH!q7FrGM9xd*rPM______';
+    const connection = snowflake.createConnection({
+      account: 'some-account',
+      username: 'some-account',
+      password: somePassword,
+      sfRetryMaxLoginRetries: 1,
+    });
+
+    connection.connect(
+      function (err) {
+        try {
+          assert.ok(err);
+          assert.equal(err.name, 'RequestFailedError');
+          err = JSON.stringify(err, Util.getCircularReplacer());
+          assert.strictEqual(err.includes(somePassword), false);
+          done();
+        } catch (err) {
+          done(err);
+        }
+      });
+  });
 });
 
 describe('Connection test - validate default parameters', function () {