diff --git a/instrumentation-api-semconv/src/main/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractor.java b/instrumentation-api-semconv/src/main/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractor.java index ae49e32d048b..e5053a40ee1e 100644 --- a/instrumentation-api-semconv/src/main/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractor.java +++ b/instrumentation-api-semconv/src/main/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractor.java @@ -54,7 +54,50 @@ public static HttpClientAttributesExtractorBuilder start of path + int index; + int atIndex = -1; + for (index = schemeEndIndex + 3; index < len; index++) { + char c = url.charAt(index); + + if (c == '@') { + atIndex = index; + } + + if (c == '/' || c == '?' || c == '#') { + break; + } + } + + if (atIndex == -1 || atIndex == len - 1) { + return url; + } + return url.substring(0, schemeEndIndex + 3) + url.substring(atIndex + 1); } @Override diff --git a/instrumentation-api-semconv/src/test/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractorTest.java b/instrumentation-api-semconv/src/test/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractorTest.java index 2624b26bf00c..d99052a589e3 100644 --- a/instrumentation-api-semconv/src/test/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractorTest.java +++ b/instrumentation-api-semconv/src/test/java/io/opentelemetry/instrumentation/api/instrumenter/http/HttpClientAttributesExtractorTest.java @@ -10,6 +10,7 @@ import static java.util.Collections.emptyList; import static java.util.Collections.singletonList; import static org.assertj.core.api.Assertions.entry; +import static org.junit.jupiter.params.provider.Arguments.arguments; import io.opentelemetry.api.common.AttributeKey; import io.opentelemetry.api.common.Attributes; @@ -19,8 +20,12 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.stream.Stream; import javax.annotation.Nullable; import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.Arguments; +import org.junit.jupiter.params.provider.MethodSource; class HttpClientAttributesExtractorTest { @@ -112,6 +117,39 @@ void normal() { asList("654", "321"))); } + @ParameterizedTest + @MethodSource("stripUrlArguments") + void stripBasicAuthTest(String url, String expectedResult) { + Map request = new HashMap<>(); + request.put("url", url); + + stripRequestTest(request, expectedResult); + } + + private static Stream stripUrlArguments() { + return Stream.of( + arguments("https://user1:secret@github.com", "https://github.com"), + arguments("https://user1:secret@github.com/path/", "https://github.com/path/"), + arguments("https://user1:secret@github.com#test.html", "https://github.com#test.html"), + arguments("https://user1:secret@github.com?foo=b@r", "https://github.com?foo=b@r"), + arguments( + "https://user1:secret@github.com/p@th?foo=b@r", "https://github.com/p@th?foo=b@r"), + arguments("https://github.com/p@th?foo=b@r", "https://github.com/p@th?foo=b@r"), + arguments("https://github.com#t@st.html", "https://github.com#t@st.html"), + arguments("user1:secret@github.com", "user1:secret@github.com"), + arguments("https://github.com@", "https://github.com@")); + } + + private static void stripRequestTest(Map request, String expected) { + HttpClientAttributesExtractor, Map> extractor = + HttpClientAttributesExtractor.builder(new TestHttpClientAttributesGetter()).build(); + + AttributesBuilder attributes = Attributes.builder(); + extractor.onStart(attributes, Context.root(), request); + + assertThat(attributes.build()).containsOnly(entry(SemanticAttributes.HTTP_URL, expected)); + } + @Test void invalidStatusCode() { Map request = new HashMap<>();