From f6e30edbc4a717b34bbf01d3d0a9fe884c6b37da Mon Sep 17 00:00:00 2001 From: Lance Stout Date: Wed, 14 Dec 2011 21:14:27 -0800 Subject: [PATCH] Log received data AFTER filtering. This allows applications to filter out sensitive information, such as passwords, so that it won't appear in the logs. It does mean that the debug logs will not show the actual received data, and there will be no indication of tampering, unless the filter author explicitly logs and notes that a change was made. --- sleekxmpp/xmlstream/xmlstream.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sleekxmpp/xmlstream/xmlstream.py b/sleekxmpp/xmlstream/xmlstream.py index 8f662e88..66dd657a 100644 --- a/sleekxmpp/xmlstream/xmlstream.py +++ b/sleekxmpp/xmlstream/xmlstream.py @@ -1276,8 +1276,6 @@ class XMLStream(object): :param xml: The :class:`~sleekxmpp.xmlstream.stanzabase.ElementBase` stanza to analyze. """ - log.debug("RECV: %s", tostring(xml, xmlns=self.default_ns, - stream=self)) # Apply any preprocessing filters. xml = self.incoming_filter(xml) @@ -1291,6 +1289,9 @@ class XMLStream(object): if stanza is None: return + log.debug("RECV: %s", tostring(xml, xmlns=self.default_ns, + stream=self)) + # Match the stanza against registered handlers. Handlers marked # to run "in stream" will be executed immediately; the rest will # be queued.