use original uri

DaanHoogland · DaanHoogland · commit 03fa97cca006 · 2025-01-21T11:14:10.000+01:00
diff --git a/client/src/main/java/org/apache/cloudstack/ACSRequestLog.java b/client/src/main/java/org/apache/cloudstack/ACSRequestLog.java
@@ -46,8 +46,7 @@ public ACSRequestLog() {
 
     @Override
     public void log(Request request, Response response) {
-        String requestURI = StringUtils.cleanString(request.getRequestURI());
-        String parameters = StringUtils.cleanString(String.valueOf(request.getQueryParameters()));
+        String requestURI = StringUtils.cleanString(request.getOriginalURI());
         try {
             StringBuilder sb = buffers.get();
             sb.setLength(0);
@@ -61,7 +60,6 @@ public void log(Request request, Response response) {
                     .append(request.getMethod())
                     .append(" ")
                     .append(requestURI)
-                    .append(parameters)
                     .append(" ")
                     .append(request.getProtocol())
                     .append("\" ")
diff --git a/utils/src/main/java/com/cloud/utils/StringUtils.java b/utils/src/main/java/com/cloud/utils/StringUtils.java
@@ -165,6 +165,8 @@ public static String getMaskedPasswordForDisplay(final String password) {
 
     private static final Pattern REGEX_PASSWORD_DETAILS_INDEX = Pattern.compile("details(\\[|%5B)\\d*(\\]|%5D)");
 
+    private static final Pattern REGEX_SESSION_KEY = Pattern.compile("sessionkey=(\\p{Alnum}*)");
+
     private static final Pattern REGEX_REDUNDANT_AND = Pattern.compile("(&|%26)(&|%26)+");
 
     // Responsible for stripping sensitive content from request and response strings
@@ -173,6 +175,7 @@ public static String cleanString(final String stringToClean) {
         if (stringToClean != null) {
             cleanResult = REGEX_PASSWORD_QUERYSTRING.matcher(stringToClean).replaceAll("");
             cleanResult = REGEX_PASSWORD_JSON.matcher(cleanResult).replaceAll("");
+            cleanResult = REGEX_SESSION_KEY.matcher(cleanResult).replaceFirst("");
             final Matcher detailsMatcher = REGEX_PASSWORD_DETAILS.matcher(cleanResult);
             while (detailsMatcher.find()) {
                 final Matcher detailsIndexMatcher = REGEX_PASSWORD_DETAILS_INDEX.matcher(detailsMatcher.group());
diff --git a/utils/src/test/java/com/cloud/utils/StringUtilsTest.java b/utils/src/test/java/com/cloud/utils/StringUtilsTest.java
@@ -240,6 +240,14 @@ public void testCleanSecretkeyFromRequestString() {
         assertEquals(result, expected);
     }
 
+    @Test
+    public void testCleanSessionkeyFromRequestJsonString() {
+        final String input = "{id=64b5e71d-2ae8-11ef-9466-1e00c400042b, showicon=true, command=listUsers, response=json, sessionkey=lXfAicKQXPBzt7KjLx6DwVfcOuA}";
+        final String expected = "{id=64b5e71d-2ae8-11ef-9466-1e00c400042b, showicon=true, command=listUsers, response=json, }";
+        final String result = StringUtils.cleanString(input);
+        assertEquals(expected, result);
+    }
+
     @Test
     public void listToCsvTags() {
         assertEquals("a,b,c", StringUtils.listToCsvTags(Arrays.asList("a","b", "c")));
