Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mask sensitive information #73

Merged
merged 8 commits into from
May 13, 2019
Merged

Mask sensitive information #73

merged 8 commits into from
May 13, 2019

Conversation

bustikiller
Copy link
Collaborator

@bustikiller bustikiller commented May 10, 2019
edited
Loading

We need to mask some sensitive information such as credentials and API tokens.

@trusche
Copy link
Owner

trusche commented May 10, 2019

Hi @bustikiller, thanks for the PR, and that's a cool feature in principle.

I'll have to spend some time reviewing it and thinking through how this would cover the most common use cases - this implementation, at a glance, would only filter out key=value pairs, and for example not work on quoted value strings or JSON. If you want to take a shot at that, go ahead, otherwise I'll take it from here, but it will take a bit to get merged then.

trusche
trusche requested changes May 10, 2019
View reviewed changes
Copy link
Owner

@trusche trusche left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd use the term "mask" instead of "filter", it describes better what this is doing. "Filtering" implies removing, which could be misunderstood. "Masking" just means "don't show" more specifically.

Could we add test cases and implementation to support JSON as well as quoted strings as values?

lib/httplog/http_log.rb Outdated Show resolved Hide resolved
lib/httplog/http_log.rb Outdated Show resolved Hide resolved
@bustikiller bustikiller force-pushed the feature/filter-out-sensitive-info branch from 1494e12 to f2a75d2 Compare May 10, 2019 13:46
@bustikiller
Copy link
Collaborator Author

@trusche thanks for the fast feedback.

I will try to find some time to make this work with keywords inside JSON. However, I don't understand what you mean by "will not work on quoted string values". Could you please provide an example?

Thanks

@bustikiller bustikiller changed the title Filter out sensitive information Mask sensitive information May 10, 2019
@bustikiller
Copy link
Collaborator Author

@trusche I added tests with some JSON-body examples that came to my mind and fixed the masked_data method accordingly.

@bustikiller bustikiller force-pushed the feature/filter-out-sensitive-info branch from 1563220 to 8ee5606 Compare May 12, 2019 17:36
@bustikiller bustikiller force-pushed the feature/filter-out-sensitive-info branch from 8ee5606 to 6a46eb3 Compare May 12, 2019 17:38
@trusche trusche changed the base branch from master to develop May 13, 2019 09:05
@trusche trusche merged commit 9f93df1 into trusche:develop May 13, 2019
@trusche
Copy link
Owner

trusche commented May 13, 2019

Cool, thanks. I'll tweak this a bit, should go live shortly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@trusche trusche trusche approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bustikiller @trusche