Skip to content

Commit 572600a

Browse files
freekmurzefreekmurze
authored
Merge pull request #18 from facade/censor-request-body
Add ability to censor request body fields
2 parents e72a760 + e0cceaf commit 572600a

4 files changed

Lines changed: 58 additions & 1 deletion

File tree

src/Context/ContextContextDetector.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,10 @@ private function runningInConsole(): bool
1919
return $_ENV['APP_RUNNING_IN_CONSOLE'] === 'true';
2020
}
2121

22+
if (isset($_ENV['FLARE_FAKE_WEB_REQUEST'])) {
23+
return false;
24+
}
25+
2226
return in_array(php_sapi_name(), ['cli', 'phpdb']);
2327
}
2428
}

src/Flare.php

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@
1313
use Facade\FlareClient\Http\Client;
1414
use Facade\FlareClient\Middleware\AddGlows;
1515
use Facade\FlareClient\Middleware\AnonymizeIp;
16+
use Facade\FlareClient\Middleware\CensorRequestBodyFields;
1617
use Illuminate\Contracts\Container\Container;
1718
use Illuminate\Pipeline\Pipeline;
1819
use Throwable;
@@ -226,11 +227,16 @@ private function applyAdditionalParameters(Report $report)
226227

227228
public function anonymizeIp()
228229
{
229-
$this->registerMiddleware(new AnonymizeIp);
230+
$this->registerMiddleware(new AnonymizeIp());
230231

231232
return $this;
232233
}
233234

235+
public function censorRequestBodyFields(array $fieldNames)
236+
{
237+
$this->registerMiddleware(new CensorRequestBodyFields($fieldNames));
238+
}
239+
234240
public function createReport(Throwable $throwable): Report
235241
{
236242
$report = Report::createForThrowable(

src/Middleware/CensorRequestBodyFields.php

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
<?php
2+
3+
namespace Facade\FlareClient\Middleware;
4+
5+
use Facade\FlareClient\Report;
6+
7+
class CensorRequestBodyFields
8+
{
9+
protected $fieldNames = [];
10+
11+
public function __construct(array $fieldNames)
12+
{
13+
$this->fieldNames = $fieldNames;
14+
}
15+
16+
public function handle(Report $report, $next)
17+
{
18+
$context = $report->allContext();
19+
20+
foreach ($this->fieldNames as $fieldName) {
21+
if (isset($context['request_data']['body'][$fieldName])) {
22+
$context['request_data']['body'][$fieldName] = '<CENSORED>';
23+
}
24+
}
25+
26+
$report->userProvidedContext($context);
27+
28+
return $next($report);
29+
}
30+
}

tests/FlareTest.php

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -126,6 +126,23 @@ public function it_can_anonymize_the_ip()
126126
]);
127127
}
128128

129+
/** @test */
130+
public function it_can_censor_request_data()
131+
{
132+
$_ENV['FLARE_FAKE_WEB_REQUEST'] = true;
133+
$_POST['user'] = 'john@example.com';
134+
$_POST['password'] = 'secret';
135+
136+
$this->flare->censorRequestBodyFields(['user', 'password']);
137+
138+
$this->reportException();
139+
140+
$this->fakeClient->assertLastRequestContains('context.request_data.body', [
141+
'user' => '<CENSORED>',
142+
'password' => '<CENSORED>',
143+
]);
144+
}
145+
129146
/** @test */
130147
public function it_can_merge_user_provided_context()
131148
{

0 commit comments

Comments
 (0)