From 74707547ba505cd925400a299707b2aaa6a550f4 Mon Sep 17 00:00:00 2001 From: Carlos Henrique Date: Wed, 6 Apr 2022 15:17:19 -0300 Subject: [PATCH 1/2] filter sensitive values in axios error --- src/logger-filter.ts | 17 +++++++++++++++-- test/fixtures/axios-error.json | 3 ++- test/logger-filter.spec.ts | 16 +++++++++++++--- 3 files changed, 30 insertions(+), 6 deletions(-) diff --git a/src/logger-filter.ts b/src/logger-filter.ts index f6185b1..e3194cd 100644 --- a/src/logger-filter.ts +++ b/src/logger-filter.ts @@ -41,22 +41,35 @@ export class LoggerFilter { const innerObject = this.isPlainObject(item[key]) ? objectWithoutCircularReference[key] : item[key]; + result[key] = this.filterItem(key, innerObject); }); return result; } + private isLossLessNumber(value: any): boolean { + if (value instanceof LosslessNumber) { + return true; + } + + if (value?.constructor === Object && value.type === "LosslessNumber") { + return true; + } + + return false; + } + private filterItem(key: string, item: any): any { if (this.isOnBlacklist(key) && !this.isOnWhitelist(key)) { return this.placeholder; } if (item instanceof Error) { - return this.filterError(item); + return this.filterObject(this.filterError(item)); } - if (item instanceof LosslessNumber) { + if (this.isLossLessNumber(item)) { return item.value; } diff --git a/test/fixtures/axios-error.json b/test/fixtures/axios-error.json index 4ad213b..584838f 100644 --- a/test/fixtures/axios-error.json +++ b/test/fixtures/axios-error.json @@ -7,7 +7,8 @@ "Accept": "application/json, text/plain, */*", "Content-Type": "application/json;charset=utf-8", "countryId": 1, - "User-Agent": "axios/0.19.2" + "User-Agent": "axios/0.19.2", + "x-api-key": "b6732a5f-a233-49b1-8b23-ef92d8e638ab" }, "baseURL": "https://domain.com", "transformRequest": [], diff --git a/test/logger-filter.spec.ts b/test/logger-filter.spec.ts index 69f2493..08b29f0 100644 --- a/test/logger-filter.spec.ts +++ b/test/logger-filter.spec.ts @@ -238,7 +238,7 @@ describe("LoggerFilter", () => { expect(parsed.error.name).toBe(expectedResult.error.name); }); - it("Should serialize an axios error removing not need attributes", () => { + it("Should serialize an axios error removing useless attributes and replacing sensitive content", () => { // Given // eslint-disable-next-line @typescript-eslint/no-var-requires const error = require("./fixtures/axios-error.json"); @@ -246,11 +246,21 @@ describe("LoggerFilter", () => { const item = { error }; const expectedError = { error: { - config: error.config, + config: { + ...error.config, + data: {}, + maxContentLength: error.config.maxContentLength.toString(), + timeout: error.config.timeout.toString(), + headers: { + ...error.config.headers, + "x-api-key": DEFAULT_PLACE_HOLDER, + countryId: error.config.headers.countryId.toString(), + }, + }, message: error.message, name: error.name, response: { - status: error.response.status, + status: error.response.status.toString(), statusText: error.response.statusText, headers: error.response.headers, data: error.response.data, From ba100490a722b2cc58ce3e9f3e4ab323f8469040 Mon Sep 17 00:00:00 2001 From: Carlos Henrique Date: Fri, 8 Apr 2022 19:50:02 -0300 Subject: [PATCH 2/2] add test to identify losslessNumber as pure object --- src/logger-filter.ts | 1 - test/logger-filter.spec.ts | 20 ++++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/src/logger-filter.ts b/src/logger-filter.ts index e3194cd..c17db7b 100644 --- a/src/logger-filter.ts +++ b/src/logger-filter.ts @@ -41,7 +41,6 @@ export class LoggerFilter { const innerObject = this.isPlainObject(item[key]) ? objectWithoutCircularReference[key] : item[key]; - result[key] = this.filterItem(key, innerObject); }); diff --git a/test/logger-filter.spec.ts b/test/logger-filter.spec.ts index 08b29f0..93d28e5 100644 --- a/test/logger-filter.spec.ts +++ b/test/logger-filter.spec.ts @@ -1,6 +1,7 @@ import { DEFAULT_BLACK_LIST } from "../src/default-black-list"; import { LoggerFilter } from "../src/logger-filter"; import faker from "faker"; +import { parse } from "lossless-json"; const DEFAULT_PLACE_HOLDER = "*sensitive*"; @@ -155,6 +156,25 @@ describe("LoggerFilter", () => { expect(parsed).toStrictEqual(expectedResult); }); + it("Should return the original data when losslessNumber is converted to pure object", () => { + // Given + const key = faker.random.word(); + const value = faker.datatype.number().toString(); + const losslessNumberInstance = parse(value); + const losslessNumberPureObject = JSON.parse( + JSON.stringify(losslessNumberInstance) + ); + const item = { [key]: losslessNumberPureObject }; + const expectedResult = { [key]: value }; + const filter = new LoggerFilter(); + + // When + const parsed = filter.process(item); + + // Then + expect(parsed).toStrictEqual(expectedResult); + }); + it("Should replace into a nested object inside an array", () => { // Given const key = faker.random.word();