Filtering sensitive data with VCR

2019-03-24 21:20发布

I'm using VCR gem to record http interactions and replay them in future. I want to filter-out my actual password value in the uri request. Here's sample of what the uri looks like:

http://services.somesite.com/Services.asmx/Cabins
Username=long&Password=john&StartDate=03%2F22%2F2012&EndDate=03%2F29%2F2012

Though an explanation is provided here, I'm still not sure how to do it after a few attempts myself:

https://www.relishapp.com/myronmarston/vcr/v/2-0-0/docs/configuration/filter-sensitive-data

Any help would be appreciated.

标签： ruby ruby-on-rails-3 testing rspec vcr

2条回答

再贱就再见

2楼-- · 2019-03-24 21:58

for rails 4+, if you are using secrets.yml you might want to do

VCR.configure do |config|
  Rails.application.secrets.each do |k,v|
    config.filter_sensitive_data("ENV[#{k}]") { v }
  end
end

now you're sure not to forget any

0人赞添加讨论(0) 举报

狗以群分

3楼-- · 2019-03-24 21:59

VCR.configure do |c|
  c.filter_sensitive_data("<SOMESITE_PASSWORD>") do
    ENV['SOMESITE_PASSWORD']
    # or $credentials['somesite']['password'] or whatever
  end
end

Essentially, you give VCR a bit of placeholder text, and then the block needs to return the real password, reading it from whatever the canonical password "repository" is.

Note that the real password is only needed the first time, when the request is recorded; on subsequent runs, it can be a fake password (as long as it's the same fake password used by the code making the request).

0人赞添加讨论(0) 举报

Filtering sensitive data with VCR

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间