SimplePie sanitize URLs for syslog

https://github.com/FreshRSS/FreshRSS/issues/711
https://github.com/FreshRSS/FreshRSS/pull/715

4 files changed, 14 insertions, 14 deletions

diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php
index bb8ce4191..54f4c5770 100644
--- a/lib/SimplePie/SimplePie.php
+++ b/lib/SimplePie/SimplePie.php
@@ -1554,14 +1554,14 @@ class SimplePie
 						if ($this->data['md5'] === $md5) {
 							if ($this->syslog_enabled)
 							{
-								syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url);
+								syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url));
 							}
 							$cache->touch();
 							return true;	//Content unchanged even though server did not send a 304
 						} else {
 							if ($this->syslog_enabled)
 							{
-								syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url);
+								syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url));
 							}
 							$this->data['md5'] = $md5;
 						}
diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php
index 56fe72196..1f9e3d502 100644
--- a/lib/SimplePie/SimplePie/File.php
+++ b/lib/SimplePie/SimplePie/File.php
@@ -81,7 +81,7 @@ class SimplePie_File
 		{
 			if ($syslog_enabled)
 			{
-				syslog(LOG_INFO, 'SimplePie GET ' . $url);	//FreshRSS
+				syslog(LOG_INFO, 'SimplePie GET ' . SimplePie_Misc::url_remove_credentials($url));	//FreshRSS
 			}
 			if ($useragent === null)
 			{
diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php
index 5a263a2e5..de50d37b8 100644
--- a/lib/SimplePie/SimplePie/Misc.php
+++ b/lib/SimplePie/SimplePie/Misc.php
@@ -2240,5 +2240,15 @@ function embed_wmedia(width, height, link) {
 	{
 		// No-op
 	}
+
+	/**
+	 * Sanitize a URL by removing HTTP credentials.
+	 * @param $url the URL to sanitize.
+	 * @return the same URL without HTTP credentials.
+	 */
+	function url_remove_credentials($url)	//FreshRSS
+	{
+		return preg_replace('#(?<=//)[^/:@]+:[^/:@]+@#', '', $url);
+	}
 }
 
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 16ae3097f..65a1a8e04 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -181,7 +181,7 @@ function sanitizeHTML($data, $base = '') {
 function get_content_by_parsing ($url, $path) {
 	require_once (LIB_PATH . '/lib_phpQuery.php');
 
-	Minz_Log::notice('FreshRSS GET ' . url_remove_credentials($url));
+	Minz_Log::notice('FreshRSS GET ' . SimplePie_Misc::url_remove_credentials($url));
 	$html = file_get_contents ($url);
 
 	if ($html) {
@@ -430,13 +430,3 @@ function array_push_unique(&$array, $value) {
 function array_remove(&$array, $value) {
 	$array = array_diff($array, array($value));
 }
-
-
-/**
- * Sanitize a URL by removing HTTP credentials.
- * @param $url the URL to sanitize.
- * @return the same URL without HTTP credentials.
- */
-function url_remove_credentials($url) {
-	return preg_replace('/[^\/]*:[^:]*@/', '', $url);
-}