diff --git a/src/tools/cleaner.js b/src/tools/cleaner.js
index 9cb49ab..2d079ad 100644
--- a/src/tools/cleaner.js
+++ b/src/tools/cleaner.js
@@ -44,6 +44,9 @@ const recurseCleanFuncs = (obj, path) => {
 // Recurse a nested object replace all instances of keys->vals in the bank.
 const recurseReplaceBank = (obj, bank = {}) => {
 const replacer = out => {
+ if (typeof out === 'number') {
+ out = String(out);
+ }
 if (typeof out !== 'string') {
 return out;
 }
diff --git a/src/tools/create-logger.js b/src/tools/create-logger.js
index 595980f..292f6dc 100644
--- a/src/tools/create-logger.js
+++ b/src/tools/create-logger.js
@@ -108,6 +108,7 @@ const makeSensitiveBank = (event, data) => {
 // keeps short values from spamming censor strings in logs, < 6 chars is not a proper secret
 // see https://github.com/zapier/zapier-platform-core/issues/4#issuecomment-277855071
 if (val && String(val).length > 5) {
+ val = String(val);
 const censored = hashing.snipify(val);
 bank[val] = censored;
 bank[encodeURIComponent(val)] = censored;
diff --git a/test/logger.js b/test/logger.js
index b991c15..663dc72 100644
--- a/test/logger.js
+++ b/test/logger.js
@@ -245,6 +245,41 @@ describe('logger', () => {
 });
 });
 
+ it('should replace sensitive data that is not a string', () => {
+ const bundle = {
+ authData: {
+ numerical_token: 314159265
+ }
+ };
+ const logger = createlogger({ bundle }, options);
+
+ const data = {
+ response_json: {
+ hello: 314159265
+ },
+ response_content: `{
+ "hello": 314159265
+ }`
+ };
+
+ return logger('test', data).then(response => {
+ response.status.should.eql(200);
+ response.content.json.should.eql({
+ token: options.token,
+ message: 'test',
+ data: {
+ response_json: {
+ hello: ':censored:9:9cb84e8ccc:'
+ },
+ response_content: `{
+ "hello": :censored:9:9cb84e8ccc:
+ }`,
+ log_type: 'console'
+ }
+ });
+ });
+ });
+
 it('should not replace safe log keys', () => {
 const bundle = {
 authData: {
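Review bot: The added branch in `replacer` turns every number into a string before the `typeof out !== 'string'` guard, so numeric values that match nothing in the bank would presumably come back as strings too (a logged `200` becoming `'200'`), assuming the rest of `replacer` returns the string it worked on. It also reassigns the parameter `out`. I would keep the original value and hand back the string form only when a replacement actually happened, e.g. `const text = typeof out === 'number' ? String(out) : out;` and, at the end, `return replaced === text ? out : replaced;`. The body of `replacer` continues outside the hunk, so the exact return has to be checked there. The new test in test/logger.js has no non-sensitive number in `data`, so it would not catch this.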
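Review bot: `val = String(val)` runs for any truthy value, not only numbers: if `val` can be an object or array at this point, the bank key becomes `[object Object]` or a comma-joined string, which would not match how the secret appears in logged data and could censor unrelated text instead. Where `val` comes from is outside the hunk, so this needs confirming against the enclosing loop. Restricting the branch to primitives would make the intent explicit: `if ((typeof val === 'string' || typeof val === 'number') && String(val).length > 5) {`. A short comment on the new line, such as `// numeric auth values must be keyed by their string form to match log text`, would also help the next reader.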
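Review bot: The new test only exercises a 9-digit integer, whose `String()` form is identical to its text in the raw `response_content`. For numbers where the two differ (a value above `Number.MAX_SAFE_INTEGER`, or a float written as `1.50` in the body), the bank key would presumably not match the raw text, and the secret would stay in the logged body. A second case covering such a value, or a comment in the test stating that only integers with a canonical string form are covered, would document that limit.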