search

Orange-OpenSource / hurl

Hurl, run and test HTTP requests with plain text.
https://hurl.dev
Apache License 2.0
12.89k stars 482 forks source link

Capturing sensitive data : hiding the value in the report #2972

Open glb-cblin opened 3 months ago

glb-cblin commented 3 months ago

I'd like to capture sensitive data in my test and I do not want it to show up in the reports

Is that possible ?

Actual example

POST {{URL}}:/token
{
  "login": "{{LOGIN}}", 
  "password": "{{PASSWORD}}"
}

HTTP 200
[Captures]
access_token: jsonpath "$.access_token"

=> I do not want to be able to see this access_token in the report since it is a permanent token (yes I know, it's not correct from the server to return always the same token but I do not have the choice here ...)

I'd like to be able to do something like

 access_token: jsonpath "$.access_token" hidden
jcamiel commented 3 months ago

Hi, Yes we'll support this feature : hiding secrets in logs and reports.

See #2950

glb-cblin commented 3 months ago

I'm sorry, I do not see how this is realted to #2950

jcamiel commented 1 month ago

Sorry for this, it should have been #2947