New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@aspecto/privacy-rules
Advanced tools
@aspecto/privacy-rules - npm Package Compare versions
Comparing version 0.0.3 to 0.0.4
@@ -56,3 +56,3 @@ "use strict"; | ||
| executeFilteredAction(actionType, filter, msg.HTTP_REQUEST.query); | ||
| // TODO: handle fullUrlProp | ||
| copyQueryToFullUrl(msg); | ||
| return; | ||
@@ -65,2 +65,13 @@ default: | ||
| }; | ||
| const copyQueryToFullUrl = (msg) => { | ||
| // we have query props in 2 places: fullUrl prop and query object | ||
| // it's easy to apply privacy rules to the object, but not to the raw string | ||
| // so we just replace query part of the fullUrl prop with the values from the query object | ||
| const { query } = msg.HTTP_REQUEST; | ||
| if (query) { | ||
| msg.HTTP_REQUEST.fullUrl = msg.HTTP_REQUEST.fullUrl.replace(/\?[^#/$]+/gi, `?${Object.keys(query) | ||
| .map((key) => `${key}=${query[key]}`) | ||
| .join('&')}`); | ||
| } | ||
| }; | ||
| exports.executeAction = (action, msg) => { | ||
@@ -67,0 +78,0 @@ const { actionType } = action; |
@@ -9,2 +9,3 @@ export declare type AspectoMessage = { | ||
| requestBody?: any; | ||
| fullUrl?: string; | ||
| query: Record<string, string>; | ||
@@ -11,0 +12,0 @@ requestHeaders: Record<string, string>; |
| { | ||
| "name": "@aspecto/privacy-rules", | ||
| "version": "0.0.3", | ||
| "version": "0.0.4", | ||
| "description": "Aspecto Privacy Rules Engine", | ||
@@ -5,0 +5,0 @@ "main": "./dist/index.js", |
@@ -137,2 +137,6 @@ import { PrivacyEngine } from '../src'; | ||
| expect(authMessage.HTTP_REQUEST.requestBody.password).toBe('__aspecto_field_blocked__'); | ||
| expect(authMessage.HTTP_REQUEST.query.Authentication).toBe('__aspecto_field_blocked__'); | ||
| expect(authMessage.HTTP_REQUEST.fullUrl).toBe( | ||
| 'https://auth-service.com/users/auth?Authentication=__aspecto_field_blocked__¶m1=notprivate#some/route' | ||
| ); | ||
| }); | ||
@@ -139,0 +143,0 @@ }); |
@@ -8,6 +8,7 @@ import { AspectoMessage } from '../src/types/AspectoMessage'; | ||
| route: { path: '/users/' }, | ||
| fullUrl: 'https://auth-service.com/users/auth?Authentication=token¶m1=notprivate#some/route', | ||
| body: { user: 'daniel', password: 'craig' }, | ||
| requestBody: { user: 'daniel', password: 'craig' }, | ||
| query: { | ||
| auth: 'token', | ||
| Authentication: 'token', | ||
| param1: 'notprivate', | ||
@@ -14,0 +15,0 @@ }, |
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by5.75%
26305
- Lines of code
- increased by4.43%
401
No dependency changes