feat: add HarSanitizer for redacting sensitive data #244
Draft
deviantintegral wants to merge 9 commits into main from
… cloning

Add __clone() methods to Entry, Request, Response, and PostData classes to ensure proper deep cloning of nested objects. This is essential for the HarSanitizer to work without modifying the original HAR data.

- Entry: clones request, response, cache, timings, and initiator
- Request: clones headers, cookies, queryString params, and postData
- Response: clones headers, cookies, and content
- PostData: clones params array

Add HarSanitizer class with redactHeaders() method to sanitize HTTP headers in HAR files. Supports:

- Case-insensitive header name matching (default)
- Optional case-sensitive matching via setCaseSensitive()
- Custom redaction value via setRedactedValue()
- Fluent interface for method chaining
- Automatic headers size recalculation after redaction
- Works on both request and response headers
- Non-mutating: original HAR is preserved via deep cloning

Add redactQueryParams() method to sanitize query string parameters in HAR request URLs. Supports:

- Case-insensitive parameter name matching (default)
- Fluent interface for method chaining
- Works alongside redactHeaders() for comprehensive sanitization

Add support for redacting sensitive fields in request and response bodies. Supports both form-encoded POST parameters and JSON bodies with recursive field redaction at any nesting level.

- Add redactBodyFields() method for configuring fields to redact
- Sanitize form-encoded POST params by field name
- Sanitize JSON request bodies (PostData.text)
- Sanitize JSON response bodies (Content.text)
- Support recursive redaction in nested JSON structures
- Support JSON arrays with objects containing sensitive fields
- Preserve slashes and unicode characters in sanitized JSON
- Add equivalent mutation ignores for LogicalAnd mutations

Add support for redacting cookie values in both requests and responses.

- Add redactCookies() method for configuring cookies to redact
- Sanitize request cookies by name
- Sanitize response cookies by name
- Support case-insensitive cookie name matching (default)

Add a new CLI command to sanitize HAR files by redacting sensitive data. Initial implementation supports redacting headers via --header option which can be specified multiple times.

Usage: har:sanitize input.har output.har --header Authorization --header Cookie

Add support for redacting query parameters via the --query-param option which can be specified multiple times.

Usage: har:sanitize input.har output.har --query-param api_key --query-param token

Add support for redacting body fields via the --body-field option which can be specified multiple times.

Usage: har:sanitize input.har output.har --body-field password --body-field api_key

Add support for case-sensitive matching via the --case-sensitive flag. By default, field name matching is case-insensitive. When enabled, only exact case matches will be redacted.

Usage: har:sanitize input.har output.har --query-param api_key --case-sensitive
Add HarSanitizer class to remove sensitive data from HAR files before committing fixtures to a repository. Supports redacting:
The sanitizer works on a cloned copy of the HAR to preserve the original. Case-insensitive matching is the default, with an option for case-sensitive.
Also adds __clone() methods to Entry, Request, Response, and PostData classes to ensure proper deep cloning of nested objects.
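
The behaviour the commit messages describe (case-insensitive header matching, recursive JSON body redaction, an untouched original), shown as an added example that is not code from this PR or the project. The function names `redactFields` and `sanitizeHarJson`, the sample HAR, and setting `headersSize` to -1 instead of recalculating it are assumptions.

```php
<?php
// Added example (PHP 8+), not the PR's code: sanitizes HAR JSON text directly.

/** Mask matching object keys at any depth of decoded JSON, including objects inside arrays. */
function redactFields(mixed $node, array $names, string $mask): mixed
{
    if (!is_object($node) && !is_array($node)) {
        return $node;
    }
    foreach ($node as $key => $value) {
        $hit = is_object($node) && in_array(strtolower((string) $key), $names, true);
        $new = $hit ? $mask : redactFields($value, $names, $mask);
        if (is_object($node)) { $node->{$key} = $new; } else { $node[$key] = $new; }
    }
    return $node;
}

/** Returns sanitized HAR JSON; decoding builds a fresh tree, so the input is never modified. */
function sanitizeHarJson(string $json, array $headers, array $fields, string $mask = '[REDACTED]'): string
{
    $flags = JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR;
    $headers = array_map('strtolower', $headers);
    $fields = array_map('strtolower', $fields);
    $har = json_decode($json, false, 512, JSON_THROW_ON_ERROR);
    foreach ($har->log->entries ?? [] as $entry) {
        foreach ([$entry->request, $entry->response] as $msg) {
            foreach ($msg->headers ?? [] as $h) {
                if (in_array(strtolower((string) ($h->name ?? '')), $headers, true)) {
                    $h->value = $mask;
                    $msg->headersSize = -1; // HAR 1.2 "not available": old size tracks the secret's length
                }
            }
        }
        foreach ([$entry->request->postData ?? null, $entry->response->content ?? null] as $body) {
            $tree = json_decode((string) ($body->text ?? '')); // null when the body is not JSON
            if (is_object($tree) || is_array($tree)) {
                $body->text = json_encode(redactFields($tree, $fields, $mask), $flags);
            }
        }
    }
    return json_encode($har, $flags);
}

// Constructed sample entry (not taken from the PR).
$sample = '{"log":{"entries":[{"request":{"url":"https://api.example.test/login",'
    . '"headers":[{"name":"authorization","value":"Bearer abc"}],"headersSize":120,'
    . '"postData":{"mimeType":"application/json","text":"{\"user\":\"a\",\"Password\":\"p\"}"}},'
    . '"response":{"headers":[],"content":{"text":"{\"items\":[{\"api_key\":\"k\"}]}"}}}]}}';
echo sanitizeHarJson($sample, ['Authorization'], ['password', 'api_key']), PHP_EOL;
```

A body stored with `content.encoding` set to `base64` is not JSON text, so it passes through this example unchanged. The request `url`, `queryString`, cookies and form-encoded `params` are also left as they are here.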