Palisade should not return field names if the contents are null

[ac74475]

If the contents of a field are null, then it is probably because it was redacted, in which case we want to prevent the field names being returned. This may have some issues for clients needing to know the schema of the data it is receiving.

[m09526]

There's not much option we have here since we are populating objects on the client side. Therefore, from a security point of view, there is no difference between returning some fields as null and not returning them at all since, it is obvious from the object what is missing as Java is a statically typed. Ditto for Avro, the schema is fixed so you don't have the option not to return a field, they have to be present.

On more dynamic serialisation formats that include dynamic attributes as a map or list, then it should be possible to just filter out the items that don't match. In our current architecture then I don't see how this is possible.

Opinions on closing this issue?

[ac74475]

I think once we solve issue gh-362 then we have the ability to modify the schema that the data will be returned as such that you don't leak that data has been redacted by having the field in the schema