Sensitive object logging redaction #3828
Comments
The default behavior for classes would print something like This is probably an issue for whatever package it is that is giving you that customized
My apologies, I erroneously omitted the
I would suggest just using a wrapper class here:

```dart
class Private<T> {
  final T privateValueWhichShouldNotEscape;
  Private(this.privateValueWhichShouldNotEscape);
}
```

That should send the right signal to anybody using the value, that it shouldn't be printed, assigned to other variables, etc.
You could possibly even do this as an extension type to make it zero cost.
Not sure this is something I'd want to solve at the language level. You have something which is not just a string, it's a password. The problem here is that you both want to convert it to JSON, but also don't want to convert it to a string, but JSON is a text format.
I wouldn't get too hung up on the fact that my example is a password or uses .toJson - these are just examples. It could very well be something like a social security number, or some other private item. The idea here is that it would function as normal, but using any
The advice above isn't specific to passwords, which is why I suggested a generic class. The methods you describe all just call By naming the actual member to access the real value something scary, it should make it easy in code reviews to know when the real, unredacted version is being accessed so that such access can be carefully assessed.
That's a valid and fair point.
A while back, I described this on the wrong repo. I'm finally getting around to putting it in the right place; here. :)
Consider the following scenario: You've got a data class, such as the following.
The following is the current behavior:
Output:
I/flutter (10392): {username: hans, password: password}
What I'm proposing is a new keyword, such as `sensitive`, that would look something like this:
So, at a system level when you try to log/print the parameter, you'd see something like this:
I/flutter (10392): {username: hans, password: <SENSITIVE>}
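
The wrapper-class approach suggested in the comments, applied to the issue's username/password scenario, as an added example that is not code from the thread or from the Dart project. The `toString`/`toJson` overrides, the `Credentials` class and the `authenticate` function are assumptions introduced for illustration.

```dart
import 'dart:convert';

/// Wrapper following the `Private<T>` suggestion in the comments. The
/// toString/toJson overrides are assumptions added for this example.
class Private<T> {
  final T privateValueWhichShouldNotEscape;
  const Private(this.privateValueWhichShouldNotEscape);

  // print(), string interpolation and Map.toString() all end up here.
  @override
  String toString() => '<SENSITIVE>';

  // jsonEncode() calls toJson() on objects it cannot encode directly, so a
  // serialized copy that lands in a log is redacted as well.
  Object? toJson() => '<SENSITIVE>';
}

/// Hypothetical data class modelled on the issue's username/password example.
class Credentials {
  final String username;
  final Private<String> password;

  Credentials(this.username, String password) : password = Private(password);

  Map<String, Object?> toJson() => {'username': username, 'password': password};

  @override
  String toString() => toJson().toString();
}

/// Hypothetical call site that genuinely needs the secret. The long member
/// name is what a reviewer searches for to audit every unredacted access.
bool authenticate(Credentials c) =>
    c.username == 'hans' &&
    c.password.privateValueWhichShouldNotEscape == 'password';

void main() {
  final creds = Credentials('hans', 'password'); // constructed sample values

  print(creds); // data class logged directly
  print('login attempt with ${creds.password}'); // string interpolation
  print(jsonEncode(creds)); // JSON copy written to a log
  print('authenticated: ${authenticate(creds)}'); // real value still usable
}
```

The first line printed has the same shape as the redacted log line proposed in the issue, while `authenticate` still sees the real value through the explicitly named member.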