From c24e3d88a62bdc99c22242ab652648ad7bfd2081 Mon Sep 17 00:00:00 2001
From: Alyssa Ross <hi@alyssa.is>
Date: Wed, 8 Feb 2023 15:29:36 +0000
Subject: cgiserver: don't include PII in logs

---
 .../cgiserver/0002-Don-t-include-PII-in-logs.patch | 46 ++++++++++++++++++++++
 nixpkgs/pkgs/servers/http/cgiserver/default.nix    |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 nixpkgs/pkgs/servers/http/cgiserver/0002-Don-t-include-PII-in-logs.patch

(limited to 'nixpkgs/pkgs/servers')

diff --git a/nixpkgs/pkgs/servers/http/cgiserver/0002-Don-t-include-PII-in-logs.patch b/nixpkgs/pkgs/servers/http/cgiserver/0002-Don-t-include-PII-in-logs.patch
new file mode 100644
index 000000000000..294cf83c72aa
--- /dev/null
+++ b/nixpkgs/pkgs/servers/http/cgiserver/0002-Don-t-include-PII-in-logs.patch
@@ -0,0 +1,46 @@
+From c865876ea7df93401349ed788422ea475dcdda9b Mon Sep 17 00:00:00 2001
+From: Alyssa Ross <hi@alyssa.is>
+Date: Wed, 11 May 2022 14:41:36 +0000
+Subject: [PATCH 2/2] Don't include PII in logs
+
+---
+ main.go | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/main.go b/main.go
+index 6366db0..14ef64e 100644
+--- a/main.go
++++ b/main.go
+@@ -7,6 +7,7 @@ import (
+ 	"context"
+ 	"flag"
+ 	"fmt"
++	"io"
+ 	"log"
+ 	"net/http"
+ 	"net/http/cgi"
+@@ -27,7 +28,7 @@ func main() {
+ 		fmt.Fprintln(flag.CommandLine.Output(), "Usage: cgiserver [-r ROOT] /path/to/application.cgi")
+ 	}
+ 
+-	root := flag.String("r", "/", "CGI SCRIPT_NAME");
++	root := flag.String("r", "/", "CGI SCRIPT_NAME")
+ 
+ 	// We didn't configure any flags, so this just serves to display an error
+ 	// if someone tries to pass one. It also automatically handles -h/--help.
+@@ -63,7 +64,11 @@ func main() {
+ 	handler = handlers.ProxyHeaders(handler)
+ 
+ 	// Additionally, we want to log requests.
+-	handler = handlers.CombinedLoggingHandler(os.Stdout, handler)
++	handler = handlers.CustomLoggingHandler(os.Stdout, handler,
++		func(w io.Writer, params handlers.LogFormatterParams) {
++			fmt.Fprintf(w, "%s %s %d %d\n", params.Request.Method,
++				params.URL.String(), params.StatusCode, params.Size)
++		})
+ 
+ 	// Catch SIGTERM so we can shutdown gracefully.
+ 	sig := make(chan os.Signal, 1)
+-- 
+2.35.1
+
diff --git a/nixpkgs/pkgs/servers/http/cgiserver/default.nix b/nixpkgs/pkgs/servers/http/cgiserver/default.nix
index 4556e7107222..7aa7f04908cf 100644
--- a/nixpkgs/pkgs/servers/http/cgiserver/default.nix
+++ b/nixpkgs/pkgs/servers/http/cgiserver/default.nix
@@ -14,6 +14,7 @@ buildGoModule rec {
 
   patches = [
     ./0001-Add-r-flag-to-set-CGI-SCRIPT_NAME.patch
+    ./0002-Don-t-include-PII-in-logs.patch
   ];
 
   meta = with lib; {
-- 
cgit 1.4.1