From 75bdda27123ab4eb7f4b8020dcc77c08177a89a6 Mon Sep 17 00:00:00 2001
From: frank <lovefree103@gmail.com>
Date: Tue, 17 Dec 2024 03:58:15 +0800
Subject: [PATCH] fix_: correct sensitive regex (#6188)

---
 mobile/callog/status_request_log.go      | 2 +-
 mobile/callog/status_request_log_test.go | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/mobile/callog/status_request_log.go b/mobile/callog/status_request_log.go
index 1cfb293be..6a93e7cc1 100644
--- a/mobile/callog/status_request_log.go
+++ b/mobile/callog/status_request_log.go
@@ -37,7 +37,7 @@ var sensitiveKeys = []string{
 	"gifs/api-key",
 }
 
-var sensitiveRegexString = fmt.Sprintf(`(?i)(".*?(%s).*?")\s*:\s*("[^"]*")`, strings.Join(sensitiveKeys, "|"))
+var sensitiveRegexString = fmt.Sprintf(`(?i)("\w*?(%s)\w*?")\s*:\s*(".*?")`, strings.Join(sensitiveKeys, "|"))
 
 var sensitiveRegex = regexp.MustCompile(sensitiveRegexString)
 
diff --git a/mobile/callog/status_request_log_test.go b/mobile/callog/status_request_log_test.go
index 60c54445b..ca5558e5c 100644
--- a/mobile/callog/status_request_log_test.go
+++ b/mobile/callog/status_request_log_test.go
@@ -49,6 +49,11 @@ func TestRemoveSensitiveInfo(t *testing.T) {
 			input:    `{"username":"user1","email":"user1@example.com"}`,
 			expected: `{"username":"user1","email":"user1@example.com"}`,
 		},
+		{
+			name:     "should not match password substring in field names",
+			input:    `{"eventValue":{"flowType":"UserProfileCreatePassword","viewId":"UserProfileCreatePassword"}}`,
+			expected: `{"eventValue":{"flowType":"UserProfileCreatePassword","viewId":"UserProfileCreatePassword"}}`,
+		},
 	}
 
 	for _, tc := range testCases {