Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

filter_sensitive_data doesn't work with dynamic query parameter substitution #1040

Open
jscheid opened this issue Oct 8, 2024 · 0 comments

Comments

@jscheid
Copy link

jscheid commented Oct 8, 2024

When using filter_sensitive_data with a value extracted dynamically from a query parameter, the cassette fails to replay, apparently because VCR is comparing the URL without substitution to the sanitized one.

There's a simple workaround, but in an ideal world it wouldn't be necessary:

match_requests_on: [VCR.request_matchers.uri_without_param(:secret)]

Here is a failing test case:

diff --git a/spec/lib/vcr/configuration_spec.rb b/spec/lib/vcr/configuration_spec.rb
index 5e555e5..85701a9 100644
--- a/spec/lib/vcr/configuration_spec.rb
+++ b/spec/lib/vcr/configuration_spec.rb
@@ -158,6 +158,20 @@ RSpec.describe VCR::Configuration do
         end
       end
     end
+
+    specify 'the filter_sensitive_data option works with dynamic query parameters' do
+      VCR.configure do |c|
+        c.filter_sensitive_data('<SECRET>') do |interaction|
+          Rack::Utils.parse_query(URI(interaction.request.uri).query)['secret']
+        end
+      end
+
+      2.times do
+        VCR.use_cassette("example") do
+          ::Net::HTTP.get_response(URI("http://localhost:#{VCR::SinatraApp.port}/foo?secret=1234"))
+        end
+      end
+    end
   end
 
   [:before_record, :before_playback].each do |hook_type|

I've tried fixing this but got lost in hooks...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant