JSON report improvements - mask sensitive headers and payload nodes #449

ptrthomas · 2018-07-09T08:41:19Z

split #397 as it was half-complete

quoting:

maskRequestHeaders: ['Authorization', 'SomeOtherSecretHeader'] - header will still be shown but the content replaced with ***
maskResponseHeaders - like above
maskRequestPaths: ['$.password', '$..ssnId'] - this will replace the payload values with ***
maskResponsePaths - like above

The text was updated successfully, but these errors were encountered:

ptrthomas · 2018-10-28T19:53:25Z

re-evaluating - there are some concerns. we can never have a foolproof way to mask sensitive info, especially if a bug or user-error emits info in a log or stack-trace.

potentially the project will be blamed if this results in a security breach somewhere.

with #450 we can switch off html report log / steps.

community contribution may help, but closing for now.

ptrthomas added the enhancement label Jul 9, 2018

ptrthomas self-assigned this Jul 9, 2018

ptrthomas added this to the 0.9.0 milestone Jul 29, 2018

ptrthomas removed this from the 0.9.0 milestone Oct 28, 2018

ptrthomas added the help wanted label Oct 28, 2018

ptrthomas closed this as completed Oct 28, 2018

ptrthomas mentioned this issue Jun 26, 2019

Hide sensitive information from console and reports #699

Closed

ptrthomas mentioned this issue Mar 10, 2022

How to hide secret data present in karate-config.js getting shown in cucumber report. #1837

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

JSON report improvements - mask sensitive headers and payload nodes #449

JSON report improvements - mask sensitive headers and payload nodes #449

ptrthomas commented Jul 9, 2018

ptrthomas commented Oct 28, 2018

JSON report improvements - mask sensitive headers and payload nodes #449

JSON report improvements - mask sensitive headers and payload nodes #449

Comments

ptrthomas commented Jul 9, 2018

ptrthomas commented Oct 28, 2018