When using REST Assured, what’s the best method of keeping sensitive data out of the log?

Q: When using REST Assured, what’s the best method of keeping sensitive data out of the log?

Use a blacklist to prevent sensitive data from appearing in the log. Here’s how: Set<String> headers = new HashSet<String>(); headers.add("X-REGION"); headers.add("content-type"); given().baseUri("http://localhost:8080").header("X-REGION", "NAM") // blacklist headers .config(config.logConfig(LogConfig.logConfig().blacklistHeaders(headers))) // blacklist multiple headers .config(config().logConfig(LogConfig.logConfig().blacklistHeader("Accept","set-cookie"))) .log().all() .when() .get("/employees") .then() .assertThat() .statusCode(200);

Question

admin · Accepted Answer

Use a blacklist to prevent sensitive data from appearing in the log. Here’s how:

Set headers = new HashSet();
headers.add("X-REGION");
headers.add("content-type");

given().baseUri("http://localhost:8080").header("X-REGION", "NAM")

// blacklist headers
.config(config.logConfig(LogConfig.logConfig().blacklistHeaders(headers)))

// blacklist multiple headers
.config(config().logConfig(LogConfig.logConfig().blacklistHeader("Accept","set-cookie")))

.log().all()
.when()
.get("/employees")
.then()
.assertThat()
.statusCode(200);

When using REST Assured, what’s the best method of keeping sensitive data out of the log?

Leave a Reply Cancel reply