redact sensitive URLs from stdout at /api/v2/project_updates/N/events/

see: https://github.com/ansible/tower/issues/2805

awx/api/serializers.py

@@ -57,7 +57,7 @@ from awx.main.utils import (
     has_model_field_prefetched, extract_ansible_vars, encrypt_dict,
     prefetch_page_capabilities, get_external_account)
 from awx.main.utils.filters import SmartFilter
-from awx.main.redact import REPLACE_STR
+from awx.main.redact import UriCleaner, REPLACE_STR
 
 from awx.main.validators import vars_validate_or_raise
 
@@ -4023,6 +4023,8 @@ class JobEventWebSocketSerializer(JobEventSerializer):
 
 
 class ProjectUpdateEventSerializer(JobEventSerializer):
+    stdout = serializers.SerializerMethodField()
+    event_data = serializers.SerializerMethodField()
 
     class Meta:
         model = ProjectUpdateEvent
@@ -4036,6 +4038,20 @@ class ProjectUpdateEventSerializer(JobEventSerializer):
         )
         return res
 
+    def get_stdout(self, obj):
+        return UriCleaner.remove_sensitive(obj.stdout)
+
+    def get_event_data(self, obj):
+        try:
+            return json.loads(
+                UriCleaner.remove_sensitive(
+                    json.dumps(obj.event_data)
+                )
+            )
+        except Exception:
+            logger.exception("Failed to sanitize event_data")
+            return {}
+
 
 class ProjectUpdateEventWebSocketSerializer(ProjectUpdateEventSerializer):
     created = serializers.SerializerMethodField()