We sometimes want to mask some fields in the request content which include sensitive information.
We could use the builderForJson() method alongside Jackson to convert the request content into JsonNode, allowing us to mask specific fields. With this method, we need to manually list the fields that we want to mask in a setting file or elsewhere, which I think might lead to misspellings and inadvertently expose sensitive information in the logs.
I think we need a way to verify that the fields we specify in the settings file exist in the request content. I believe that other methods, such as attaching a custom annotation to sensitive fields, would be better.
@trustin suggested an idea: implementing a parser that specializes in sanitization, i.e. don't parse everything but just replace a value at a certain location (e.g. foo.bar.baz).
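One way to combine path-based masking (e.g. foo.bar.baz) with the existence check asked for above, as an added example that is not Armeria's code and not part of the original issue. It uses only Jackson; the class name LogFieldMasker, the mask string, the fail-closed policy in main() and the sample body are assumptions made for illustration.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.util.ArrayList;
import java.util.List;

public final class LogFieldMasker {  // hypothetical helper, not an Armeria class
    private static final ObjectMapper MAPPER = new ObjectMapper();
    private static final String MASK = "****";

    // Sanitized JSON plus every configured path that matched nothing.
    record Result(String sanitized, List<String> unmatchedPaths) {}

    // Masks the value at each dotted path (object fields only; a path that
    // crosses an array or a missing field is reported as unmatched).
    static Result mask(String json, List<String> dottedPaths) throws Exception {
        JsonNode root = MAPPER.readTree(json);
        List<String> unmatched = new ArrayList<>();
        for (String path : dottedPaths) {
            String[] keys = path.split("\\.");
            JsonNode parent = root;
            // Walk down to the object that should contain the final key.
            for (int i = 0; i < keys.length - 1 && parent != null; i++) {
                parent = parent.get(keys[i]);  // null if absent or not an object
            }
            String leaf = keys[keys.length - 1];
            if (parent instanceof ObjectNode obj && obj.has(leaf)) {
                obj.put(leaf, MASK);
            } else {
                unmatched.add(path);  // likely a misspelled or stale setting
            }
        }
        return new Result(MAPPER.writeValueAsString(root), unmatched);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample request body.
        String body = "{\"user\":{\"name\":\"alice\",\"password\":\"hunter2\"},"
                + "\"card\":{\"number\":\"4111111111111111\"}}";
        // "card.numbr" is deliberately misspelled to show the check firing.
        Result r = mask(body, List.of("user.password", "card.numbr"));
        if (!r.unmatchedPaths().isEmpty()) {
            // Fail closed: withhold the body instead of logging an unmasked field.
            System.out.println("content withheld, unmatched paths: " + r.unmatchedPaths());
        } else {
            System.out.println(r.sanitized());
        }
    }
}
```

A path can also be unmatched because the field is optional in that request, so a production version would need to distinguish optional paths from required ones before failing closed.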
Another idea: Introduce an annotation like @Mask and make Jackson (or the JSON serializer of choice) mask the annotated field during the serialization.
We can use a decorator to output request and response logs from an HTTP client as shown below