sensitive-param-filter is a zero-dependency package designed to filter sensitive values from JavaScript objects.
This package can be used to scrub logs, filer data before outputting to a UI, etc.
The defaults provided with sensitive-param-filter should work well for most applications.
const { SensitiveParamFilter } = require('@amaabca/sensitive-param-filter')
const paramFilter = new SensitiveParamFilter()
const rawObject = {
Authorization: 'Bearer somedatatoken',
body: {
info: '{ "amount": 28.64, "credit_card": "4242424242424242", "cvv": "123" }'
},
method: 'POST',
url: 'https://pay.example.com?user=bob.bobbington&password=asecurepassword1234'
}
const filteredObject = paramFilter.filter(rawObject)
// filteredObject = {
// Authorization: 'FILTERED',
// body: {
// info: '{ "amount": 28.64, "credit_card": "FILTERED", "cvv": "FILTERED" }'
// },
// method: 'POST',
// url: 'https://pay.example.com?user=bob.bobbington&password=FILTERED'
// }
sensitive-param-filter examines keys to determine which values to filter.
Key matching is done in a case-insensitive, partial-macthing manner (that is, if the param AUTH is provided, Authorization, AUTHENTICATION, etc. will be filtered).
Key Features
- Does not modify input objects
- Performs a deep copy of the input object (note that booleans, numbers, and strings - which are immutable - are technically copied by reference)
- Does not copy functions
- Handles circular references
- Filters valid JSON strings
- Filters valid and malformed URL query params
Check out the package at https://github.com/amaabca/sensitive-param-filter, or install it via npm install @amaabca/sensitive-param-filter
Top comments (0)