redact specific re and res properties

amooabeebadesina · amooabeebadesina · commit c40769806f30 · 2024-11-27T15:45:20.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Changelog
 
+## [0.6.0] - 2024-11-27
+- Redact specific properties in req and res
+
 ## [0.5.9] - 2024-10-30
 - Upgrade to `dd-trace` and `express` to their latest minor version.
 
diff --git a/bufflog.ts b/bufflog.ts
@@ -1,3 +1,9 @@
+import {
+    REQ_KEYS_REDACTED,
+    REQ_CONTEXT_KEYS_REDACTED,
+    RES_KEYS_REDACTED,
+    RES_CONTEXT_KEYS_REDACTED
+} from './constants'
 const pinoLogger = require('pino')({
     level: process.env.LOG_LEVEL ? String.prototype.toLowerCase.apply(process.env.LOG_LEVEL) : "notice",
     // probably we want to call it `msg`. if so, let's change the PHP library instead
@@ -19,7 +25,12 @@ const pinoLogger = require('pino')({
     useOnlyCustomLevels: true,
 
     redact: {
-        paths: ['req', 'res', 'context.req', 'context.res'],
+        paths: [
+          ...REQ_KEYS_REDACTED,
+          ...RES_KEYS_REDACTED,
+          ...REQ_CONTEXT_KEYS_REDACTED,
+          ...RES_CONTEXT_KEYS_REDACTED,
+        ],
         censor: '[ REDACTED ]',
     },
 });
diff --git a/constants.ts b/constants.ts
@@ -0,0 +1,17 @@
+const SERVER_KEYS_TO_REDACT = [
+  'body.password',
+  'query.password',
+  'cookies',
+  'fresh',
+  'res',
+  'secure',
+  'signedCookies',
+  'stale',
+  'xhr',
+  'headers'
+]
+
+export const REQ_KEYS_REDACTED = SERVER_KEYS_TO_REDACT.map((el: string) => `req.${el}`)
+export const REQ_CONTEXT_KEYS_REDACTED = SERVER_KEYS_TO_REDACT.map((el: string) => `context.req.${el}`)
+export const RES_KEYS_REDACTED = SERVER_KEYS_TO_REDACT.map((el: string) => `res.${el}`)
+export const RES_CONTEXT_KEYS_REDACTED = SERVER_KEYS_TO_REDACT.map((el: string) => `context.res.${el}`)
