Comments (3)
lucagiove
commented on June 10, 2024
I agree there should be an hiding mechanism for such sensitive data.
from robotframework-requests.
lucagiove
commented on June 10, 2024
Mainly the idea could be to have a parsing function that search in headers keys for well known authentication mechanism and remove the sensitive data from log.
So I expect to find in log example Authorization: 'value-has-been-redacted'
Probably by default the redaction is enabled and can be disabled maybe at debug logging level.
This solution should consider performance since logging is quite cpu intensive when lot of requests are issued.
from robotframework-requests.
nestoracunablanco
commented on June 10, 2024
Hello @lucagiove , I wanted to confirm if I understood you correctly. I have just submitted a PR, which is currently incomplete. The PR focuses on retrieving header information, verifying the presence of an authorization key, and masking it with asterisks. This practice is commonly used to prevent logging of sensitive information.
In addition, I can also incorporate functionality to enable based on the log level. However, before expanding the code further in the PR, I would appreciate your feedback on whether I am proceeding in the right direction.
from robotframework-requests.
Related Issues (20)
- could post data encoding support other except utf8
- If the Mongo ObjectId is passed through the req body, it does not parse ! HOT 1
- delete all session keyword calls empty_cache method on robot.utils.connection_cache instead of close_all leading port exhaustion
- Disable warnings not working properly? HOT 4
- Decorators hide arguments for keywords, breaking intellisense for Vscode and robot LSP HOT 1
- GET On Session is replacing '//' in url HOT 3
- Not able to configure token using Authorization OAuth2 in Robot framework ,Getting error status=401, reason=Unauthorized HOT 2
- Better error message when expecting JSON but get 204 (No content) response
- How to store Value returned from 1st keyword and then using that value in another keywords without running the 1st keyword again in robot framework HOT 1
- The x-www-form-urlencoded Client authentication failed HOT 1
- Descriptions for PUT and PATCH cointain the same text HOT 1
- Question: how does this library treat cache HOT 1
- When a post request uses post on session to send data mode, the parameters are cut HOT 5
- File Descriptor Not Closed For File Parameter HOT 2
- Can't set SSL verification to value ssl.CERT_NONE HOT 2
- "Status Should Be" uses last request even if a response is provided HOT 2
- Generated html keyword documentation uses single asterisk where 3 should be used for sections.
- Verify=False is not propogated to bypass ssl verification HOT 4
- How to download multiple files in local system using POST API request in robot framework rather than in binary form data ?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from robotframework-requests.