logger filter is not effective on keys in an array
ablce9 opened this issue · 2 comments
While working with logging sensitive data in arrays, filter: %w[password]
is not working.
data comes like this👇
{ items: [ { password: 'password1'}, { password: 'password2'} ] }
Code below from Hanami logger docs
Hanami.configure do
# ...
environment :development do
logger level: :debug, filter: %w[credit_card.number]
end
end
only works for deep hashes.
[bookshelf] [INFO] [2017-08-11 18:43:04 +0200] HTTP/1.1 PATCH 200 ::1 /billing 2 {"billing"=>{"name"=>"Luca", "address"=>{"street"=>"Centocelle", "number"=>"23", "city"=>"Rome"}, "credit_card"=>{"number"=>"[FILTERED]"}}} 0.009782
However, the documentation doesn't really state the case where keys are in the array. I do understand a cost it takes to filter out every single key BUT I really appreciate if there is an option for filter the key in arrays.
What if credit_card
comes with an array??
number
should be filtered as expected.
[bookshelf] [INFO] [2017-08-11 18:43:04 +0200] HTTP/1.1 PATCH 200 ::1 /billing 2 {"billing"=>{"name"=>"Luca", "address"=>{"street"=>"Centocelle", "number"=>"23", "city"=>"Rome"}, "credit_cards"=>[{"number"=>"not filtered!!","some_key":"This one should not be filtered"}]}} 0.009782
filter: %w[credit_cards]
generally works but in most cases, another keys exist.
Hi, it is true, when build the paths to compare them with the filters, it doesn't contemplate iterating in the arrays.
utils/lib/hanami/logger/filter.rb
Lines 43 to 47 in 30c158a
Maybe it could be contemplated in the following way:
emirdaponte@7ae71be
What do you think about it?