From 6d2ff60a82686e552e807143087cf26ffdf31a6b Mon Sep 17 00:00:00 2001
From: Abhimanyu Saharan
Date: Sat, 7 Mar 2026 23:47:00 +0530
Subject: [PATCH] fix(security): Stop logging raw trusted proxy entries

---
 backend/app/core/client_ip.py   | 2 +-
 backend/tests/test_client_ip.py | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/backend/app/core/client_ip.py b/backend/app/core/client_ip.py
index ea50454b..47000da5 100644
--- a/backend/app/core/client_ip.py
+++ b/backend/app/core/client_ip.py
@@ -35,7 +35,7 @@ def _parse_trusted_networks(raw: str) -> list[IPv4Network | IPv6Network]:
         try:
             networks.append(ipaddress.ip_network(entry, strict=False))
         except ValueError:
-            logger.warning("trusted_proxies: ignoring invalid entry %r", entry)
+            logger.warning("trusted_proxies: ignoring invalid entry in configuration")
     return networks
 
 
diff --git a/backend/tests/test_client_ip.py b/backend/tests/test_client_ip.py
index 2999f9a7..6b7924d6 100644
--- a/backend/tests/test_client_ip.py
+++ b/backend/tests/test_client_ip.py
@@ -2,6 +2,7 @@
 
 from __future__ import annotations
 
+import logging
 from unittest.mock import patch
 
 from app.core.client_ip import (
@@ -103,6 +104,14 @@ def test_parse_trusted_networks_ignores_invalid() -> None:
     assert len(nets) == 2
 
 
+def test_parse_trusted_networks_does_not_log_invalid_value(caplog) -> None:
+    with caplog.at_level(logging.WARNING, logger="app.core.client_ip"):
+        _parse_trusted_networks("127.0.0.1, not-an-ip, 10.0.0.0/8")
+
+    assert "trusted_proxies: ignoring invalid entry in configuration" in caplog.text
+    assert "not-an-ip" not in caplog.text
+
+
 # ---------------------------------------------------------------------------
 # Integration tests for get_client_ip
 # ---------------------------------------------------------------------------
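Review bot: The new warning on the `+` line of the client_ip.py hunk gives an operator no way to tell which of several configured entries was dropped, so a typo in the trusted-proxy list now degrades silently into "some proxy is untrusted" with nothing to search for in the logs. A non-sensitive locator keeps the redaction intact while staying actionable, e.g. log the entry's position and length rather than its value: `logger.warning("trusted_proxies: ignoring invalid entry #%d (%d chars) in configuration", idx, len(entry))`, which presumably requires switching the enclosing loop to `enumerate` — the loop header and the rest of `_parse_trusted_networks` start outside this hunk, so confirm there. It is also worth a one-line comment above the `except ValueError:` branch stating why the value is deliberately not logged, e.g. `# Do not echo the raw value: configuration strings may carry data that must not reach log sinks.`, so a future cleanup does not reintroduce `%r`.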
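Review bot: The new test in the second test_client_ip.py hunk checks that the redacted message appears and the raw value does not, but it never pins how many warnings were emitted, so a regression that logged the message once per entry (including the two valid ones) would still pass. Adding `assert sum("ignoring invalid entry" in r.getMessage() for r in caplog.records) == 1` after the existing assertions ties the warning to exactly the one malformed entry. The `_parse_trusted_networks` import this test relies on is outside the hunk; the surrounding `from app.core.client_ip import (` block in the first hunk suggests it is already there.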