From 75561508c8c2eb053299a8817c45610e1e91ec2b Mon Sep 17 00:00:00 2001
From: Azareal
Date: Tue, 2 Mar 2021 18:47:36 +1000
Subject: [PATCH] don't log referer when DNT header is set skip Cookie headers in req logs
---
 gen_router.go | 7 ++++++-
 router_gen/main.go | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/gen_router.go b/gen_router.go
index e33fe057..85d96f80 100644
--- a/gen_router.go
+++ b/gen_router.go
@@ -1012,6 +1012,10 @@ func (r *GenRouter) dumpRequest(req *http.Request, pre string,log *log.Logger) {
 field("\nUA: ",req.UserAgent())
 field("\nMethod: ",req.Method)
 for key, value := range req.Header {
+ // Avoid logging this for security reasons
+ if key == "Cookie" {
+ continue
+ }
 for _, vvalue := range value {
 sb.WriteString("\nHead ")
 sb.WriteString(c.SanitiseSingleLine(key))
@@ -1348,7 +1352,8 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 likelyBot := ae == "gzip" || ae == ""
 if !likelyBot {
 ref := req.Header.Get("Referer") // Check the 'referrer' header too? :P
- if ref != "" {
+ // TODO: Extend the effects of DNT elsewhere?
+ if ref != "" && req.Header.Get("DNT") != "1" {
 // ? Optimise this a little?
 ref = strings.TrimPrefix(strings.TrimPrefix(ref,"http://"),"https://")
 ref = strings.Split(ref,"/")[0]
diff --git a/router_gen/main.go b/router_gen/main.go
index e14bcabb..6e8bb951 100644
--- a/router_gen/main.go
+++ b/router_gen/main.go
@@ -595,6 +595,10 @@ func (r *GenRouter) dumpRequest(req *http.Request, pre string,log *log.Logger) {
 field("\nUA: ",req.UserAgent())
 field("\nMethod: ",req.Method)
 for key, value := range req.Header {
+ // Avoid logging this for security reasons
+ if key == "Cookie" {
+ continue
+ }
 for _, vvalue := range value {
 sb.WriteString("\nHead ")
 sb.WriteString(c.SanitiseSingleLine(key))
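Review bot: The skip added to the header loop in dumpRequest names only `Cookie`, so other credential-bearing request headers such as `Authorization` and `Proxy-Authorization` are still written to the log. Widening the test to `if key == "Cookie" || key == "Authorization" || key == "Proxy-Authorization" {` would cover them, and the comment could say why, e.g. `// Session cookies and auth headers are credentials; keep them out of request logs`. The exact-match comparison itself is fine because net/http stores incoming header keys in canonical form. The same hunk appears in gen_router.go, which looks like the generated copy of this template, and dumpRequest's body continues outside the hunk, so any other place it writes cookie data is not visible here.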
@@ -931,7 +935,8 @@ func (r *GenRouter) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 likelyBot := ae == "gzip" || ae == ""
 if !likelyBot {
 ref := req.Header.Get("Referer") // Check the 'referrer' header too? :P
- if ref != "" {
+ // TODO: Extend the effects of DNT elsewhere?
+ if ref != "" && req.Header.Get("DNT") != "1" {
 // ? Optimise this a little?
 ref = strings.TrimPrefix(strings.TrimPrefix(ref,"http://"),"https://")
 ref = strings.Split(ref,"/")[0]
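Review bot: The DNT test added to the `if ref != ""` line in ServeHTTP (here and in the matching gen_router.go hunk) guards only this referrer branch; dumpRequest, changed in the same commit, still writes every header except Cookie, so the Referer of a DNT request can still end up in the request log. If the intent is that a DNT client's referrer is never recorded, the header loop in dumpRequest could skip it as well, e.g. `if key == "Referer" && req.Header.Get("DNT") == "1" { continue }`, which would settle the TODO for that path. Some browsers have replaced DNT with Global Privacy Control, so treating `Sec-GPC: 1` the same way may be worth considering. ServeHTTP's body continues outside the hunk, so what is done with ref after the host is extracted is not visible here.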