Scrub payload["value"] for LiveView form submit events (#6267)

Author: zachdaniel

lib/phoenix/logger.ex

@@ -172,10 +172,20 @@ defmodule Phoenix.Logger do
 
   defp discard_values(%{} = map, params) do
     Enum.into(map, %{}, fn {k, v} ->
-      if is_binary(k) and String.contains?(k, params) do
-        {k, "[FILTERED]"}
-      else
-        {k, discard_values(v, params)}
+      cond do
+        is_binary(k) and String.contains?(k, params) ->
+          {k, "[FILTERED]"}
+
+        is_binary(v) and String.contains?(v, params) ->
+          new_value =
+            Enum.reduce(params, v, fn param, v ->
+              Regex.replace(~r/#{Regex.escape(param)}=([^&]*)(&?)/, v, "#{param}=[FILTERED]\\2")
+            end)
+
+          {k, new_value}
+
+        true ->
+          {k, discard_values(v, params)}
       end
     end)
   end

lib/phoenix/socket/message.ex

@@ -35,6 +35,19 @@ defmodule Phoenix.Socket.Message do
         raise Phoenix.Socket.InvalidMessageError, "missing key #{inspect(err.key)}"
     end
   end
+
+  defimpl Inspect do
+    def inspect(%Phoenix.Socket.Message{} = msg, opts) do
+      processed_msg = process_message(msg)
+      Inspect.Any.inspect(processed_msg, opts)
+    end
+
+    defp process_message(%{payload: payload} = msg) when is_map(payload) do
+      %{msg | payload: Phoenix.Logger.filter_values(payload)}
+    end
+
+    defp process_message(msg), do: msg
+  end
 end
 
 defmodule Phoenix.Socket.Reply do

test/phoenix/socket/message_test.exs

@@ -0,0 +1,64 @@
+defmodule Phoenix.Socket.MessageTest do
+  use ExUnit.Case, async: true
+  doctest Phoenix.Socket.Message
+
+  alias Phoenix.Socket.Message
+
+  describe "inspect/2 custom implementation" do
+    test "filters sensitive values in form submit events" do
+      message = %Message{
+        topic: "lv:1",
+        event: "event",
+        payload: %{
+          "event" => "submit",
+          "type" => "form",
+          "value" => "username=john&password=secret123&[email protected]"
+        },
+        ref: "1",
+        join_ref: "1"
+      }
+
+      inspected = inspect(message)
+
+      assert inspected =~ "password=[FILTERED]"
+      assert inspected =~ "username=john"
+      assert inspected =~ "[email protected]"
+    end
+
+    test "filters sensitive values at the end of form submit events" do
+      message = %Message{
+        topic: "lv:1",
+        event: "event",
+        payload: %{
+          "event" => "submit",
+          "type" => "form",
+          "value" => "username=john&password=secret123"
+        },
+        ref: "1",
+        join_ref: "1"
+      }
+
+      inspected = inspect(message)
+
+      assert inspected =~ "username=john"
+      assert inspected =~ "password=[FILTERED]\""
+    end
+
+    test "handles malformed query strings gracefully" do
+      message = %Message{
+        topic: "lv:1",
+        event: "event",
+        payload: %{
+          "event" => "submit",
+          "type" => "form",
+          "value" => "invalid=query=string&password=secret"
+        },
+        ref: "1",
+        join_ref: "1"
+      }
+
+      inspected = inspect(message)
+      assert is_binary(inspected)
+    end
+  end
+end