From 96b34947474d8e68a1cf9bf651da3e8e63253dc0 Mon Sep 17 00:00:00 2001
From: snomiao
Date: Sun, 29 Mar 2026 03:11:46 +0900
Subject: [PATCH] fix: redact proxy credentials in startup log messages

Proxy URLs may contain userinfo (user:pass@host). Redact credentials before logging to prevent them from appearing in the log stream that is exposed via /internal/logs endpoints.
---
 main.py | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/main.py b/main.py
index 990fcf4c1..73e439035 100644
--- a/main.py
+++ b/main.py
@@ -77,10 +77,22 @@ if __name__ == "__main__":
 setup_logger(log_level=args.verbose, use_stdout=args.log_stdout)
+def _redact_proxy_url(url):
+ """Redact userinfo from proxy URL to avoid leaking credentials in logs."""
+ from urllib.parse import urlparse, urlunparse
+ try:
+ parsed = urlparse(url)
+ if parsed.username:
+ netloc = f"***:***@{parsed.hostname}" + (f":{parsed.port}" if parsed.port else "")
+ return urlunparse(parsed._replace(netloc=netloc))
+ except Exception:
+ pass
+ return url
+
 if os.environ.get('HTTP_PROXY'):
- logging.info("HTTP proxy configured: %s", os.environ['HTTP_PROXY'])
+ logging.info("HTTP proxy configured: %s", _redact_proxy_url(os.environ['HTTP_PROXY']))
 if os.environ.get('HTTPS_PROXY'):
- logging.info("HTTPS proxy configured: %s", os.environ['HTTPS_PROXY'])
+ logging.info("HTTPS proxy configured: %s", _redact_proxy_url(os.environ['HTTPS_PROXY']))
 faulthandler.enable(file=sys.stderr, all_threads=False)
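Review bot: `_redact_proxy_url` fails open, so the inputs it cannot handle are logged with their credentials intact: `parsed.port` raises `ValueError` on a malformed or out-of-range port, and the `except Exception: pass` path then falls through to `return url`. The `if parsed.username:` test also skips a URL whose userinfo has an empty user name (for example `http://:token@host`), and a value with no scheme is not parsed as having a netloc at all, so both come back unredacted. Rebuilding the netloc from `parsed.hostname` additionally drops the brackets of an IPv6 literal. The sketch below splits the netloc on its last `@` instead and returns a fixed placeholder whenever parsing fails or an `@` remains outside the netloc; a small test over these inputs would pin the behaviour.

```python
    # … unchanged: signature, docstring, urllib.parse import …
    try:
        parsed = urlparse(url)
        # Split on the last '@' so host[:port] is kept exactly as written
        # (IPv6 brackets included) and no port parsing can raise.
        _userinfo, at, hostport = parsed.netloc.rpartition("@")
        if at:
            return urlunparse(parsed._replace(netloc=f"***:***@{hostport}"))
    except ValueError:
        # Fail closed: never fall back to the raw value once parsing failed.
        return "<unparseable proxy URL>"
    # An '@' outside the netloc (e.g. a value with no scheme) may still be userinfo.
    return url if "@" not in url else "<redacted proxy URL>"
```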