使用 VCR 过滤敏感数据 [英] Filtering sensitive data with VCR
问题描述
我正在使用 VCR gem 记录 http 交互并在将来重播它们.我想在 uri 请求中过滤掉我的实际密码值.以下是 uri 的示例:
I'm using VCR gem to record http interactions and replay them in future. I want to filter-out my actual password value in the uri request. Here's sample of what the uri looks like:
http://services.somesite.com/Services.asmx/Cabins
Username=long&Password=john&StartDate=03%2F22%2F2012&EndDate=03%2F29%2F2012
虽然这里提供了解释,但我自己尝试了几次后仍然不确定如何去做:
Though an explanation is provided here, I'm still not sure how to do it after a few attempts myself:
https://www.relishapp.com/myronmarston/vcr/v/2-0-0/docs/configuration/filter-sensitive-data
任何帮助将不胜感激.
推荐答案
VCR.configure do |c|
c.filter_sensitive_data("<SOMESITE_PASSWORD>") do
ENV['SOMESITE_PASSWORD']
# or $credentials['somesite']['password'] or whatever
end
end
本质上,你给 VCR 一些占位符文本,然后块需要返回真实密码,从任何规范密码存储库"中读取它.
Essentially, you give VCR a bit of placeholder text, and then the block needs to return the real password, reading it from whatever the canonical password "repository" is.
注意,真正的密码只在第一次,当请求被记录时才需要;在随后的运行中,它可以是一个假密码(只要它与发出请求的代码使用的假密码相同).
Note that the real password is only needed the first time, when the request is recorded; on subsequent runs, it can be a fake password (as long as it's the same fake password used by the code making the request).
这篇关于使用 VCR 过滤敏感数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!