Module: Failbot::SensitiveDataScrubber
- Included in:
- Failbot
- Defined in:
- lib/failbot/sensitive_data_scrubber.rb
Constant Summary collapse
- FILTERED =
'[FILTERED]'.freeze
- BASIC_AUTH_REGEX =
/https?:\/{2}([\w%\-!]*:[\w%\-!]*)@/
- SENSITIVE_KEYWORDS =
%w{ secret key access_token token password api_key oauth oauth_nonce }
- QUERY_STRING_REGEX =
Regexp.new("(?<key>#{SENSITIVE_KEYWORDS.join("|")})=[\\-\\w%]+")
- MAX_DEPTH =
100
Instance Method Summary collapse
- #scrub(hash) ⇒ Object
- #scrub_url(url) ⇒ Object
- #scrub_urls(value, max_depth = MAX_DEPTH) ⇒ Object
-
#transform_values(hash) ⇒ Object
Took this from ruby 2.4+ because we do not want to rely on specific ruby versions.
Instance Method Details
#scrub(hash) ⇒ Object
9 10 11 12 13 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 9 def scrub(hash) transform_values(hash) do |value| scrub_urls(value) end end |
#scrub_url(url) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 34 def scrub_url(url) filtered_url = url.gsub(QUERY_STRING_REGEX) do |_| "#{$~[:key]}=#{FILTERED}" end filtered_url.gsub(BASIC_AUTH_REGEX) do |m| ($1 && m.gsub($1, "#{FILTERED}:#{FILTERED}")) || m end rescue url end |
#scrub_urls(value, max_depth = MAX_DEPTH) ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 15 def scrub_urls(value, max_depth=MAX_DEPTH) return value if max_depth <= 0 case value when String scrub_url(value) when Array value.map do |element| scrub_urls(element, max_depth - 1) end when Hash transform_values(value) do |nested_value| scrub_urls(nested_value, max_depth - 1) end else value end end |
#transform_values(hash) ⇒ Object
Took this from ruby 2.4+ because we do not want to rely on specific ruby versions.
49 50 51 52 53 54 55 56 |
# File 'lib/failbot/sensitive_data_scrubber.rb', line 49 def transform_values(hash) return {} if hash.empty? result = Hash.new hash.each do |key, value| result[key] = yield(value) end result end |