Sanitize response body before logging (kolide#2020)

James-Pickett · Jan 2, 2025 · 97f4ab0 · 97f4ab0
1 parent 06e3e07
commit 97f4ab0
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/pkg/log/logshipper/authedhttpsender.go b/pkg/log/logshipper/authedhttpsender.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"strings"
 	"time"
 )
 
@@ -41,7 +42,8 @@ func (a *authedHttpSender) Send(r io.Reader) error {
 			return fmt.Errorf("received non 200 http status code: %d, error reading body response body %w", resp.StatusCode, err)
 		}
 
-		return fmt.Errorf("received non 200 http status code: %d, response body: %s", resp.StatusCode, bodyData)
+		escapedBodyData := strings.ReplaceAll(strings.ReplaceAll(string(bodyData), "\n", ""), "\r", "") // remove any newlines
+		return fmt.Errorf("received non 200 http status code: %d, response body: %s", resp.StatusCode, escapedBodyData)
 	}
 	return nil
 }