Closed yadanilov19 closed 11 months ago
I've just created a test to see if I could reproduce the issue but it shows me that if I push a Uri
instance as the value of a property that it is correctly masked:
public class WhenLoggingMessageWithUriPropertyValue
{
private readonly InMemorySink _inMemorySnk;
private readonly Logger _logger;
[Fact]
public void GivenPropertyValueIsUri_UriIsMasked()
{
_logger.Information("Message {Prop}", new Uri("https://tempuri.org"));
_inMemorySnk
.Snapshot()
.Should()
.HaveMessage("Message {Prop}")
.Appearing()
.Once()
.WithProperty("Prop")
.WithValue("***MASKED***");
}
public WhenLoggingMessageWithUriPropertyValue()
{
_inMemorySnk = new InMemorySink();
_logger = new LoggerConfiguration()
.Enrich.WithSensitiveDataMasking(options => options.MaskProperties.Add("Prop"))
.WriteTo.Sink(_inMemorySnk)
.CreateLogger();
}
}
Could you maybe adapt the test above to your particular situation where it fails? That would help me resolve your issue.
Sure! The problem appeared when I tried to mask info by my own realization of RegexMaskingOperator. Here is an adapted version of your test:
using System;
using System.Text.RegularExpressions;
using Serilog.Core;
using Serilog.Sinks.InMemory;
using Serilog.Sinks.InMemory.Assertions;
using Xunit;
namespace Serilog.Enrichers.Sensitive.Tests.Unit;
public class SomeMaskingOperator : RegexMaskingOperator
{
private const string SomePattern =
"someparam=.*?(.(?:&|$))";
public SomeMaskingOperator() : base(SomePattern, RegexOptions.IgnoreCase | RegexOptions.Compiled)
{
}
protected override string PreprocessInput(string input)
{
return input;
}
}
public class WhenLoggingMessageWithUriPropertyValue
{
private readonly InMemorySink _inMemorySnk;
private readonly Logger _logger;
[Fact]
public void GivenPropertyValueIsUri_UriIsMasked()
{
_logger.Information("Endpoint {Endpoint}", new Uri("https://tempuri.org/someparam=test@test.com"));
_inMemorySnk
.Snapshot()
.Should()
.HaveMessage("Endpoint {Endpoint}")
.Appearing()
.Once()
.WithProperty("Endpoint")
.WithValue("https://tempuri.org/someparam=***MASKED***");
}
public WhenLoggingMessageWithUriPropertyValue()
{
_inMemorySnk = new InMemorySink();
_logger = new LoggerConfiguration()
.Enrich.WithSensitiveDataMasking(options =>
{
options.MaskingOperators.Add(new SomeMaskingOperator());
})
.WriteTo.Sink(_inMemorySnk)
.CreateLogger();
}
}
Thanks, I’ll take a stab at that 👍
So I've figured out why this wasn't being caught before by the string masking part. Turns out that Uri
is a built-in type in Serilog and is therefore handled slightly different when rendered and retrieved as a property (see here).
@yadanilov19 I've created a separate PR so that I could add a few tests to it and published a new release (1.7.3) that should hit NuGet shortly.
Thanks for reporting this one 👍
Hi! I've faced problems when Uri pushed in log as param and it wasn't masked. I added an additional case section to handle that.