commit c84d0a43b13edc888a2a339f7fb057ad66d3d3fe
author Fanie Oosthuysen <fanie.oosthuysen@gmail.com> Thu Feb 25 11:19:11 2021 +0200
committer GitHub <noreply@github.com> Thu Feb 25 09:19:11 2021 +0000
tree 0f6665848da8701611eac86926f0c6b4611ee79d
parent 1c46ec975d341bbb61632f919ab03d8f67fbf461

scrub all requests and auth header, fix changeReader stall - fixes #255, #257 (#256)

* scrub all requests and auth header - fixes #255

* change changeReader to max out retry back-off at one minute, instead of infinite - fixes #257

* also scrub URL for response headers - #256

lib/changesreader.js

diff --git a/lib/changesreader.js b/lib/changesreader.js
index 6789710..cf2a7c6 100644
--- a/lib/changesreader.js
+++ b/lib/changesreader.js
@@ -210,7 +210,7 @@
               self.continue = false
             } else {
               // don't immediately retry on error - exponential back-off
-              delay = delay ? Math.max(60000, delay * 2) : 5000
+              delay = delay ? Math.min(60000, delay * 2) : 5000 // up to and no more than one minute
             }
 
             self.ee.emit(EVENT_ERROR, err)

lib/nano.js

diff --git a/lib/nano.js b/lib/nano.js
index 9295779..5a4ee28 100644
--- a/lib/nano.js
+++ b/lib/nano.js
@@ -101,6 +101,22 @@
     }
     return str
   }
+
+  function scrubRequest (req, cloned) {
+    // scrub credentials
+    req.url = scrubURL(req.url)
+    if (req.headers.cookie) {
+      req.headers.cookie = 'XXXXXXX'
+    }
+    if (req.auth) {
+      if (!cloned) {
+        req.auth = JSON.parse(JSON.stringify(req.auth)) // clone just auth if not already cloned
+      }
+      req.auth.username = SCRUBBED_STR
+      req.auth.password = SCRUBBED_STR
+    }
+  }
+
   const responseHandler = function (response, req, opts, resolve, reject, callback) {
     const statusCode = response.status || (response.response && response.response.status) || 500
     if (response.isAxiosError && response.response) {
@@ -111,7 +127,7 @@
 
     // let parsed
     const responseHeaders = Object.assign({
-      uri: req.url,
+      uri: scrubURL(req.url),
       statusCode: statusCode
     }, response.headers)
     if (!response.status) {
@@ -163,11 +179,7 @@
     delete body.stack
 
     // scrub credentials
-    req.url = scrubURL(req.url)
-    responseHeaders.uri = scrubURL(responseHeaders.uri)
-    if (req.headers.cookie) {
-      req.headers.cookie = 'XXXXXXX'
-    }
+    scrubRequest(req)
 
     log({ err: 'couch', body: body, headers: responseHeaders })
 
@@ -201,6 +213,8 @@
     }
     const message = response.statusText
 
+    scrubRequest(req)
+
     const responseHeaders = Object.assign({
       uri: req.url,
       statusCode: statusCode
@@ -368,11 +382,7 @@
 
     // scrub and log
     const scrubbedReq = JSON.parse(JSON.stringify(req))
-    scrubbedReq.url = scrubURL(scrubbedReq.url)
-    if (scrubbedReq.auth) {
-      scrubbedReq.auth.username = SCRUBBED_STR
-      scrubbedReq.auth.password = SCRUBBED_STR
-    }
+    scrubRequest(scrubbedReq, true)
     log(scrubbedReq)
 
     // add http agents