| ▲ | b0gb 4 days ago | |
eazy secrets.forEach(secret => logMessage = logMessage.replaceAll(secret, '**')) | ||
| ▲ | mberning 4 days ago | parent | next [-] | |
That presumes you know all secrets ahead of time. A risk in and of itself. But from a practical point of view you will never know all secrets, because they are generated constantly in real time. | ||
| ▲ | pluto_modadic 4 days ago | parent | prev [-] | |
I've known users to type passwords in the username field. you implicitly do NOT know all secrets (e.g., a password is hashed). secrets can also churn, so even if you did your example would require something besides an in-memory array. and, the final point: what if your secret masking code fails on an exception, too ;) | ||