DEV Community

Zach Jullion
Zach Jullion

Posted on

sensitive-param-filter: A package for filtering sensitive data (parameters, keys) from a variety of JS objects

sensitive-param-filter is a zero-dependency package designed to filter sensitive values from JavaScript objects.
This package can be used to scrub logs, filer data before outputting to a UI, etc.
The defaults provided with sensitive-param-filter should work well for most applications.

const { SensitiveParamFilter } = require('@amaabca/sensitive-param-filter')
const paramFilter = new SensitiveParamFilter()
const rawObject = {
  Authorization: 'Bearer somedatatoken',
  body: {
    info: '{ "amount": 28.64, "credit_card": "4242424242424242", "cvv": "123" }'
  method: 'POST',
  url: ''
const filteredObject = paramFilter.filter(rawObject)
// filteredObject = {
//   Authorization: 'FILTERED',
//   body: {
//     info: '{ "amount": 28.64, "credit_card": "FILTERED", "cvv": "FILTERED" }'
//   },
//   method: 'POST',
//   url: ''
// }

sensitive-param-filter examines keys to determine which values to filter.
Key matching is done in a case-insensitive, partial-macthing manner (that is, if the param AUTH is provided, Authorization, AUTHENTICATION, etc. will be filtered).

Key Features

  • Does not modify input objects
  • Performs a deep copy of the input object (note that booleans, numbers, and strings - which are immutable - are technically copied by reference)
  • Does not copy functions
  • Handles circular references
  • Filters valid JSON strings
  • Filters valid and malformed URL query params

Check out the package at, or install it via npm install @amaabca/sensitive-param-filter

Top comments (0)