*/
use MediaWiki\Logger\LoggerFactory;
+use MediaWiki\MediaWikiServices;
+use Wikimedia\Timestamp\TimestampException;
/**
* This is the main API class, used for both external and internal processing.
private $mCacheMode = 'private';
private $mCacheControl = [];
private $mParamsUsed = [];
+ private $mParamsSensitive = [];
/** @var bool|null Cached return value from self::lacksSameOriginSecurity() */
private $lacksSameOriginSecurity = null;
$runTime = microtime( true ) - $t;
$this->logRequest( $runTime );
if ( $this->mModule->isWriteMode() && $this->getRequest()->wasPosted() ) {
- $this->getStats()->timing(
+ MediaWikiServices::getInstance()->getStatsdDataFactory()->timing(
'api.' . $this->mModule->getModuleName() . '.executeTiming', 1000 * $runTime
);
}
* @param Exception $e
*/
protected function handleException( Exception $e ) {
- // Bug 63145: Rollback any open database transactions
+ // T65145: Rollback any open database transactions
if ( !( $e instanceof ApiUsageException || $e instanceof UsageException ) ) {
// UsageExceptions are intentional, so don't rollback if that's the case
try {
" {$logCtx['ip']} " .
"T={$logCtx['timeSpentBackend']}ms";
+ $sensitive = array_flip( $this->getSensitiveParams() );
foreach ( $this->getParamsUsed() as $name ) {
$value = $request->getVal( $name );
if ( $value === null ) {
continue;
}
- if ( strlen( $value ) > 256 ) {
+ if ( isset( $sensitive[$name] ) ) {
+ $value = '[redacted]';
+ $encValue = '[redacted]';
+ } elseif ( strlen( $value ) > 256 ) {
$value = substr( $value, 0, 256 );
$encValue = $this->encodeRequestLogValue( $value ) . '[...]';
} else {
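Review bot: The `isset( $sensitive[$name] )` branch redacts only names that have already been passed to `markParamsSensitive()` when this log line is built, and nothing in the visible hunks ties marking to the point where the value is first read. A parameter that was registered as used but never marked, for example because the module failed before marking it, would presumably still be written to the log, truncated to 256 bytes. I would add a comment above the lookup, such as `// Redaction depends on modules marking params before the request is logged; unmarked values are logged as-is`, and a test asserting that a marked parameter produces `[redacted]` for both `$value` and `$encValue`. The loop body continues past the end of this hunk, so later uses of `$value` and `$encValue` cannot be checked from here.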
$this->mParamsUsed += array_fill_keys( (array)$params, true );
}
+ /**
+ * Get the request parameters that should be considered sensitive
+ * @since 1.29
+ * @return array
+ */
+ protected function getSensitiveParams() {
+ return array_keys( $this->mParamsSensitive );
+ }
+
+ /**
+ * Mark parameters as sensitive
+ * @since 1.29
+ * @param string|string[] $params
+ */
+ public function markParamsSensitive( $params ) {
+ $this->mParamsSensitive += array_fill_keys( (array)$params, true );
+ }
+
/**
* Get a request value, and register the fact that it was used, for logging.
* @param string $name
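Review bot: The docblock on `markParamsSensitive()` does not say what marking a parameter causes, so a module author cannot tell from it which outputs are protected. From this diff the only consumer of `getSensitiveParams()` is the request-log loop, so I would word it as `Mark parameters as sensitive; their values are replaced with '[redacted]' in the API request log` and state that other places that record request data are not affected unless they consult the same list. The accessor's `@return array` would also be more useful as `@return string[] Names of the parameters marked sensitive`. The set is add-only, since there is no way to unmark a name; that looks intentional but is worth stating in the docblock.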
$ret = $this->getRequest()->getVal( $name );
if ( $ret === null ) {
if ( $this->getRequest()->getArray( $name ) !== null ) {
- // See bug 10262 for why we don't just implode( '|', ... ) the
+ // See T12262 for why we don't just implode( '|', ... ) the
// array.
$this->addWarning( [ 'apiwarn-unsupportedarray', $name ] );
}