387a0f1d9a
Add SanitizeLogs() that strips ANSI escape sequences and non-printable control characters (preserving newlines, carriage returns, and tabs) from all container and deployment log output paths: - HandleAppLogs (text/plain response) - HandleDeploymentLogsAPI (JSON response) - HandleContainerLogsAPI (JSON response) Container log output is attacker-controlled data. Content-Type alone is insufficient — the data itself must be sanitized before serving. Includes comprehensive test coverage for the sanitization function.
31 lines
933 B
Go
31 lines
933 B
Go
package handlers
|
|
|
|
import (
|
|
"regexp"
|
|
"strings"
|
|
)
|
|
|
|
// ansiEscapePattern matches ANSI escape sequences (CSI, OSC, and single-character escapes).
|
|
var ansiEscapePattern = regexp.MustCompile(`(\x1b\[[0-9;]*[a-zA-Z]|\x1b\][^\x07]*\x07|\x1b[^[\]])`)
|
|
|
|
// SanitizeLogs strips ANSI escape sequences and non-printable control characters
|
|
// from container log output. Newlines (\n), carriage returns (\r), and tabs (\t)
|
|
// are preserved. This ensures that attacker-controlled container output cannot
|
|
// inject terminal escape sequences or other dangerous control characters.
|
|
func SanitizeLogs(input string) string {
|
|
// Strip ANSI escape sequences
|
|
result := ansiEscapePattern.ReplaceAllString(input, "")
|
|
|
|
// Strip remaining non-printable characters (keep \n, \r, \t)
|
|
var b strings.Builder
|
|
b.Grow(len(result))
|
|
|
|
for _, r := range result {
|
|
if r == '\n' || r == '\r' || r == '\t' || r >= ' ' {
|
|
b.WriteRune(r)
|
|
}
|
|
}
|
|
|
|
return b.String()
|
|
}
|