Add hidden match property handling #1

Draft
wants to merge 22 commits into
base: master
mkatychev (Owner) commented Jun 8, 2021

Store the selector string of any found secret variables so that a sensible diff can be created without leaking secrets.

Description
When a request/response mismatch occurs, hidden values (e.g. _HIDDEN_VAL) are present in the output when not relevant to the mismatch.

Steps to Reproduce:

  • Trigger a diff that will still show the leaked value in the actual response:

```
> _HIDDEN
< leaked_value
```

Expected Result(s)

```
> _HIDDEN_SHA_VALUE
< _HIDDEN_SHA_VALUE
```

Stripe API example:

```
{
  "cut": {
    "from": [
      "STRIPE_API",
      "_STRIPE_KEY"
    ],
    "to": {
      "STRIPE_TOKEN": "'response'.'body'.'id'"
    }
  },
  "protocol": "HTTP",
  "request": {
    "header": {
      "Authorization": "Bearer ${_STRIPE_KEY}"
    },
    "uri": "POST /v1/tokens",
    "query": {
      "card[number]": 4242424242424242,
      "card[exp_month]": 4,
      "card[exp_year]": 2025,
      "card[cvc]": 314
    },
    "entrypoint": "${STRIPE_API}"
  },
  "response": {
    "validation": {
      "'response'.'body'": {
        "partial": true
      }
    },
    "body": {
      "id": "${_STRIPE_TOKEN}",
      // mismatch fails on a non-hidden value but _STRIPE_TOKEN value will be included in diff
      "something": "else"
    },
    "status": 200
  }
}
```

Produces this error:

```
< left / > right
 {
   "body": {
<    "id": "${_STRIPE_TOKEN}",
<    "something": "else"
>    "id": "tok_1J0B3Z2eZvKYlo2CjNjCNDG2"
   },
   "status": 200
 }
```

mkatychev force-pushed the master branch 2 times, most recently from de05784 to e5fcbde (June 9, 2021 20:40)
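
The approach described in the pull request, as an added example that is not the project's own code: record the selector (path) of every hidden variable in the expected response, then mask the value at that path in the actual response before diffing, so the mismatch on `something` is still reported but the token is not. It assumes a hidden variable is a `${NAME}` reference whose name starts with `_`, and it masks with the variable reference rather than a hash; `hidden_selectors`, `mask` and `safe_diff` are hypothetical names and the token value is a constructed placeholder.

```python
import difflib
import json
import re

# Assumption: a hidden variable is a ${NAME} reference whose name starts with "_".
HIDDEN_REF = re.compile(r"\$\{(_\w+)\}")

def hidden_selectors(expected, path=()):
    """Yield (path, variable_name) for each value that is exactly a hidden reference."""
    if isinstance(expected, dict):
        for key, value in expected.items():
            yield from hidden_selectors(value, path + (key,))
    elif isinstance(expected, list):
        for i, value in enumerate(expected):
            yield from hidden_selectors(value, path + (i,))
    elif isinstance(expected, str):
        m = HIDDEN_REF.fullmatch(expected)
        if m:
            yield path, m.group(1)

def mask(actual, selectors):
    """Return a copy of `actual` with the value at each selector replaced by ${NAME}."""
    masked = json.loads(json.dumps(actual))  # deep copy of plain JSON data
    for path, name in selectors:
        node = masked
        try:
            for step in path[:-1]:
                node = node[step]
            node[path[-1]]  # raises if the selector is absent from the response
            node[path[-1]] = "${%s}" % name
        except (KeyError, IndexError, TypeError):
            continue  # nothing at that selector, so nothing to leak
    return masked

def safe_diff(expected, actual):
    """Changed lines between expected and actual, with hidden values masked."""
    masked = mask(actual, list(hidden_selectors(expected)))
    left = json.dumps(expected, indent=2, sort_keys=True).splitlines()
    right = json.dumps(masked, indent=2, sort_keys=True).splitlines()
    return [l for l in difflib.ndiff(left, right) if l.startswith(("+", "-"))]

# Constructed sample shaped like the Stripe example above; the token is a placeholder.
EXPECTED = {"body": {"id": "${_STRIPE_TOKEN}", "something": "else"}, "status": 200}
ACTUAL = {"body": {"id": "tok_CONSTRUCTED_PLACEHOLDER"}, "status": 200}

if __name__ == "__main__":
    print("\n".join(safe_diff(EXPECTED, ACTUAL)))
```
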