httplog 1.2.2 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 9395e3bb51404b12d1d3504e928ae722793de10c
-  data.tar.gz: a365c1134ff32ec56eb14f0fd26ac9b971269e1e
+SHA256:
+  metadata.gz: bd063a60dafd4b6bcc29fa80d877f8bd650375f4633fb0f0bc4398075677b583
+  data.tar.gz: 136a0fe30f033ad30f8867e327e18109255735b371cc9ab5a7d8e973d3b6e201
 SHA512:
-  metadata.gz: e2a020f5b5e3d7796cf37194e7e77942ffe4f39e6d2ec2319d5c25e1d18ee62780240397df4e71407a5bfd45d04835fce02cfefb3731a19bcad10bcf5965196e
-  data.tar.gz: 9c5dda03458471e2fa64b1853c2b0ddd08820802268dc4c4681de322b008912f2e79a100525135f2b2282939ef157bc4618ac21b178589d8987316747640e460
+  metadata.gz: d4de29f881f37f1149400324e8c97de77dd7d7ef21e983dd513e411ae4c5b3d67d886807accdfddccbcc388d03e242e4597457d42783525e8ddcf8dbf9064799
+  data.tar.gz: 46df8a4e8dff1054f60b8545db22df35159c20ee0ab405d78795d476cc990efffd7d8cfe635f7641667d78cbac38fc0d5709ae8e802d040989356a883d3a4cd8

data/.ruby-version

@@ -1 +1 @@
-2.4.2
+2.6.2

data/.travis.yml

@@ -1,13 +1,12 @@
 language: ruby
 rvm:
-  - "2.3.8"
   - "2.4.5"
   - "2.5.3"
-  - "2.6.0"
+  - "2.6.2"
 gemfile:
-  - gemfiles/http2.gemfile
   - gemfiles/http3.gemfile
   - gemfiles/http4.gemfile
+  - gemfiles/http5.gemfile
   - gemfiles/rack1.gemfile
   - gemfiles/rack2.gemfile
 

data/CHANGELOG.md

@@ -1,3 +1,13 @@
+## 1.3.0 - 2019-05-18
+
+* [#74](https://github.com/trusche/httplog/pull/74) Added ability to filter sensitive parameter values in the request (based on [#73](https://github.com/trusche/httplog/pull/73)). Default masking of `password` parameter
+* Removed explicit support and tests for ruby 2.3 and http gem v2
+* [#71](https://github.com/trusche/httplog/pull/71) Rounding benchmark in compact mode
+
+## 1.2.2 - 2019-03-15
+
+* [#70](https://github.com/trusche/httplog/pull/70) Fixed a bug where blacklisting caused requests to not be sent with HTTP adapter
+
 ## 1.2.1 - 2019-01-28
 
 * [#67](https://github.com/trusche/httplog/pull/67) Gracefully handling empty response headers in Ethon

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    httplog (1.2.2)
+    httplog (1.3.0)
       rack (>= 1.0)
       rainbow (>= 2.0.0)
 
@@ -127,4 +127,4 @@ DEPENDENCIES
   thin (~> 1.7)
 
 BUNDLED WITH
-   1.17.1
+   1.17.2

data/README.md

@@ -5,7 +5,7 @@
 
 Log outgoing HTTP requests made from your application. Helps with debugging pesky API error responses, or just generally understanding what's going on under the hood.
 
-Requires ruby >= 2.3.
+Requires ruby >= 2.4.
 
 This gem works with the following ruby modules and libraries:
 
@@ -81,6 +81,9 @@ HttpLog.configure do |config|
   # Limit logging based on URL patterns
   config.url_whitelist_pattern = nil
   config.url_blacklist_pattern = nil
+
+  # Mask the values of sensitive requestparameters
+  config.filter_parameters = %w[password]
 end
 ```
 
@@ -121,15 +124,40 @@ If the log is too noisy for you, but you don't want to completely disable it eit
 
 If you want to log HTTP requests in a JSON format, set the `json_log` option to `true`. You can combine this with `compact_log` to only log the basic request metrics without headers and bodies.
 
+### Parameter filtering
+
+Just like in Rails, you can filter the values of sensitive parameters by setting the `filter_parameters` to an array of (lower case) keys. The value for "password" is filtered by default.
+
+**Please note** that this will **only filter the request data** with well-formed parameters (in the URL, the headers, and the request data) but **not the response**. It does not currently filter JSON request data either, just standard "key=value" pairs in the request body.
+
 ### Example
 
 With the default configuration, the log output might look like this:
 
-    D, [2012-11-21T15:09:03.532970 #6857] DEBUG -- : [httplog] Connecting: localhost:80
-    D, [2012-11-21T15:09:03.533877 #6857] DEBUG -- : [httplog] Sending: GET http://localhost:9292/index.html
-    D, [2012-11-21T15:09:03.534499 #6857] DEBUG -- : [httplog] Status: 200
-    D, [2012-11-21T15:09:03.534544 #6857] DEBUG -- : [httplog] Benchmark: 0.00057 seconds
-    D, [2012-11-21T15:09:03.534578 #6857] DEBUG -- : [httplog] Response:
+    [httplog] Connecting: localhost:80
+    [httplog] Sending: GET http://localhost:9292/index.html
+    [httplog] Status: 200
+    [httplog] Benchmark: 0.00057 seconds
+    [httplog] Response:
+    <html>
+      <head>
+        <title>Test Page</title>
+      </head>
+      <body>
+        <h1>This is the test page.</h1>
+      </body>
+    </html>
+
+With `log_headers = true` and a parameter 'password' in the request query and headers:
+
+
+    [httplog] Connecting: localhost:80
+    [httplog] Sending: GET http://localhost:9292/index.html?password=[FILTERED]
+    [httplog] Header: accept: *.*
+    [httplog] Header: password=[FILTERED]
+    [httplog] Status: 200
+    [httplog] Benchmark: 0.00057 seconds
+    [httplog] Response:
     <html>
       <head>
         <title>Test Page</title>
@@ -163,21 +191,21 @@ a suggestion for a fix, please open an issue or, even better, submit a pull requ
 * When using OpenURI, the reading of the HTTP response body is deferred,
   so it is not available for logging. This will be noted in the logging statement:
 
-        D, [2012-11-21T15:09:03.547005 #6857] DEBUG -- : [httplog] Connecting: localhost:80
-        D, [2012-11-21T15:09:03.547938 #6857] DEBUG -- : [httplog] Sending: GET http://localhost:9292/index.html
-        D, [2012-11-21T15:09:03.548615 #6857] DEBUG -- : [httplog] Status: 200
-        D, [2012-11-21T15:09:03.548662 #6857] DEBUG -- : [httplog] Benchmark: 0.000617 seconds
-        D, [2012-11-21T15:09:03.548695 #6857] DEBUG -- : [httplog] Response: (not available yet)
+        [httplog] Connecting: localhost:80
+        [httplog] Sending: GET http://localhost:9292/index.html
+        [httplog] Status: 200
+        [httplog] Benchmark: 0.000617 seconds
+        [httplog] Response: (not available yet)
 
 *  When using HTTPClient, the TCP connection establishment will be logged
    *after* the HTTP request and headers, due to the way HTTPClient is organized.
 
-        D, [2012-11-22T18:39:46.031698 #12800] DEBUG -- : [httplog] Sending: GET http://localhost:9292/index.html
-        D, [2012-11-22T18:39:46.031756 #12800] DEBUG -- : [httplog] Header: accept: */*
-        D, [2012-11-22T18:39:46.031788 #12800] DEBUG -- : [httplog] Header: foo: bar
-        D, [2012-11-22T18:39:46.031942 #12800] DEBUG -- : [httplog] Connecting: localhost:9292
-        D, [2012-11-22T18:39:46.033409 #12800] DEBUG -- : [httplog] Status: 200
-        D, [2012-11-22T18:39:46.033483 #12800] DEBUG -- : [httplog] Benchmark: 0.001562 seconds
+        [httplog] Sending: GET http://localhost:9292/index.html
+        [httplog] Header: accept: */*
+        [httplog] Header: foo: bar
+        [httplog] Connecting: localhost:9292
+        [httplog] Status: 200
+        [httplog] Benchmark: 0.001562 seconds
 
 * Also when using HTTPClient, make sure you include `httplog` **after** `httpclient` in your `Gemfile`.
 

data/gemfiles/http4.gemfile

@@ -2,6 +2,6 @@
 
 source 'https://rubygems.org'
 
-gem 'http', github: 'httprb/http'
+gem 'http', '~> 4.0'
 
 gemspec path: '..'

data/gemfiles/{http2.gemfile → http5.gemfile}

@@ -2,6 +2,6 @@
 
 source 'https://rubygems.org'
 
-gem 'http', '~> 2.0'
+gem 'http', '~> 5.0.0.pre'
 
 gemspec path: '..'

data/lib/httplog/adapters/excon.rb

@@ -4,7 +4,7 @@ if defined?(Excon)
   module Excon
     module HttpLogHelper
       def httplog_url(datum)
-        @httplog_url ||= "#{datum[:scheme]}://#{datum[:host]}:#{datum[:port]}#{datum[:path]}#{datum[:query]}"
+        @httplog_url ||= ["#{datum[:scheme]}://#{datum[:host]}:#{datum[:port]}#{datum[:path]}", datum[:query]].compact.join('?')
       end
     end
 

data/lib/httplog/configuration.rb

@@ -20,7 +20,8 @@ module HttpLog
                   :color,
                   :prefix_data_lines,
                   :prefix_response_lines,
-                  :prefix_line_numbers
+                  :prefix_line_numbers,
+                  :filter_parameters
 
     def initialize
       @enabled               = true
@@ -42,12 +43,7 @@ module HttpLog
       @prefix_data_lines     = false
       @prefix_response_lines = false
       @prefix_line_numbers   = false
-    end
-
-    # TODO: remove in 1.0.0
-    def []=(key, value)
-      warn 'DEPRECATION WARNING: Assignment to HttpLog.options will be removed in version 1.0.0. Please use HttpLog.configure block instead as described here: https://github.com/trusche/httplog#configuration'
-      send("#{key}=", value)
+      @filter_parameters     = []
     end
   end
 end

data/lib/httplog/http_log.rb

@@ -8,6 +8,8 @@ require 'rack'
 
 module HttpLog
   LOG_PREFIX = '[httplog] '.freeze
+  PARAM_MASK = '[FILTERED]'
+
   class BodyParsingError < StandardError; end
 
   class << self
@@ -17,7 +19,6 @@ module HttpLog
       @configuration ||= Configuration.new
     end
     alias config configuration
-    alias options configuration # TODO: remove with 1.0.0
 
     def reset!
       @configuration = nil
@@ -64,13 +65,13 @@ module HttpLog
     def log_request(method, uri)
       return unless config.log_request
 
-      log("Sending: #{method.to_s.upcase} #{uri}")
+      log("Sending: #{method.to_s.upcase} #{masked(uri)}")
     end
 
     def log_headers(headers = {})
       return unless config.log_headers
 
-      headers.each do |key, value|
+      masked(headers).each do |key, value|
         log("Header: #{key}: #{value}")
       end
     end
@@ -129,7 +130,8 @@ module HttpLog
 
     def log_data(data)
       return unless config.log_data
-      data = utf_encoded(data.to_s.dup)
+
+      data = utf_encoded(masked(data.dup).to_s) unless data.nil?
 
       if config.prefix_data_lines
         log('Data:')
@@ -142,7 +144,7 @@ module HttpLog
     def log_compact(method, uri, status, seconds)
       return unless config.compact_log
       status = Rack::Utils.status_code(status) unless status == /\d{3}/
-      log("#{method.to_s.upcase} #{uri} completed with status code #{status} in #{seconds} seconds")
+      log("#{method.to_s.upcase} #{masked(uri)} completed with status code #{status} in #{seconds.to_f.round(6)} seconds")
     end
 
     def log_json(data = {})
@@ -159,16 +161,16 @@ module HttpLog
       if config.compact_log
         log({
           method: data[:method].to_s.upcase,
-          url: data[:url],
+          url: masked(data[:url]),
           response_code: data[:response_code].to_i,
           benchmark: data[:benchmark]
         }.to_json)
       else
         log({
           method: data[:method].to_s.upcase,
-          url: data[:url],
-          request_body: data[:request_body],
-          request_headers: data[:request_headers].to_h,
+          url: masked(data[:url]),
+          request_body: masked(data[:request_body]),
+          request_headers: masked(data[:request_headers].to_h),
           response_code: data[:response_code].to_i,
           response_body: parsed_body,
           response_headers: data[:response_headers].to_h,
@@ -197,6 +199,48 @@ module HttpLog
 
     private
 
+    def masked(msg, key=nil)
+      return msg if config.filter_parameters.empty?
+      return msg if msg.nil?
+
+      # If a key is given, msg is just the value and can be replaced
+      # in its entirety.
+      return (config.filter_parameters.include?(key.downcase) ? PARAM_MASK : msg) if key
+
+      # Otherwise, we'll parse Strings for key=valye pairs...
+      case msg
+      when *string_classes
+        config.filter_parameters.reduce(msg) do |m,key|
+          m.to_s.gsub(/(#{key})=[^&]+/i, "#{key}=#{PARAM_MASK}")
+        end
+      # ...and recurse over hashes
+      when *hash_classes
+        Hash[msg.map {|k,v| [k, masked(v, k)]}]
+      else
+        log "*** FILTERING NOT APPLIED BECAUSE #{msg.class} IS UNEXPECTED ***"
+        msg
+      end
+    end
+
+    def string_classes
+      @string_classes ||= begin
+        string_classes = [String]
+        string_classes << HTTP::Response::Body if defined?(HTTP::Response::Body)
+        string_classes << HTTP::URI if defined?(HTTP::URI)
+        string_classes << URI::HTTP if defined?(URI::HTTP)
+        string_classes << HTTP::FormData::Urlencoded if defined?(HTTP::FormData::Urlencoded)
+        string_classes
+      end
+    end
+
+    def hash_classes
+      @hash_classes ||= begin
+        hash_classes = [Hash, Enumerator]
+        hash_classes << HTTP::Headers if defined?(HTTP::Headers)
+        hash_classes
+      end
+    end
+
     def utf_encoded(data, content_type = nil)
       charset = content_type.to_s.scan(/; charset=(\S+)/).flatten.first || 'UTF-8'
       begin

data/lib/httplog/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module HttpLog
-  VERSION = '1.2.2'.freeze
+  VERSION = '1.3.0'.freeze
 end

data/spec/adapters/ethon_adapter.rb

@@ -4,7 +4,7 @@ require 'ethon'
 class EthonAdapter < HTTPBaseAdapter
   def send_get_request
     easy = Ethon::Easy.new
-    easy.http_request(parse_uri.to_s, :get, headers: @headers)
+    easy.http_request(parse_uri(true).to_s, :get, headers: @headers)
     easy.perform
   end
 

data/spec/adapters/excon_adapter.rb

@@ -3,7 +3,7 @@
 require 'excon'
 class ExconAdapter < HTTPBaseAdapter
   def send_get_request
-    Excon.get(parse_uri.to_s, headers: @headers)
+    Excon.get(parse_uri(true).to_s, headers: @headers)
   end
 
   def send_head_request

data/spec/adapters/faraday_adapter.rb

@@ -4,7 +4,7 @@ require 'faraday'
 class FaradayAdapter < HTTPBaseAdapter
   def send_get_request
     connection.get do |req|
-      req.url parse_uri.to_s
+      req.url parse_uri(true).to_s
       req.headers = @headers
     end
   end
@@ -42,6 +42,10 @@ class FaradayAdapter < HTTPBaseAdapter
     end
   end
 
+  def logs_form_data?
+    false
+  end
+
   private
 
   def connection

data/spec/adapters/http_adapter.rb

@@ -3,7 +3,7 @@
 require 'http'
 class HTTPAdapter < HTTPBaseAdapter
   def send_get_request
-    client.get(parse_uri.to_s)
+    client.get(parse_uri(true).to_s)
   end
 
   def send_head_request

data/spec/adapters/http_base_adapter.rb

@@ -15,8 +15,14 @@ class HTTPBaseAdapter
     true
   end
 
-  def parse_uri
-    URI.parse("#{@protocol}://#{@host}:#{@port}#{@path}")
+  def logs_form_data?
+    true
+  end
+
+  def parse_uri(query=false)
+    uri = "#{@protocol}://#{@host}:#{@port}#{@path}"
+    uri = [uri, URI::encode(@data)].join('?') if query && @data
+    URI.parse(uri)
   end
 
   def expected_response_body

data/spec/adapters/httparty_adapter.rb

@@ -3,7 +3,7 @@
 require 'httparty'
 class HTTPartyAdapter < HTTPBaseAdapter
   def send_get_request
-    HTTParty.get(parse_uri.to_s, headers: @headers)
+    HTTParty.get(parse_uri(true).to_s, headers: @headers)
   end
 
   def send_head_request

data/spec/adapters/httpclient_adapter.rb

@@ -2,7 +2,7 @@
 
 class HTTPClientAdapter < HTTPBaseAdapter
   def send_get_request
-    ::HTTPClient.get(parse_uri, header: @headers)
+    ::HTTPClient.get(parse_uri(true), header: @headers)
   end
 
   def send_head_request
@@ -24,4 +24,8 @@ class HTTPClientAdapter < HTTPBaseAdapter
   def self.response_should_be
     HTTP::Message
   end
+
+  def logs_form_data?
+    false
+  end
 end

data/spec/adapters/net_http_adapter.rb

@@ -2,7 +2,9 @@
 
 class NetHTTPAdapter < HTTPBaseAdapter
   def send_get_request
-    Net::HTTP.get_response(@host, [@path, @data].compact.join('?'), @port)
+    path = @path
+    path = [@path, URI::encode(@data)].join('?') if @data
+    Net::HTTP.get_response(@host, path, @port)
   end
 
   def send_head_request

data/spec/adapters/open_uri_adapter.rb

@@ -2,7 +2,7 @@
 
 class OpenUriAdapter < HTTPBaseAdapter
   def send_get_request
-    open(parse_uri) # rubocop:disable Security/Open
+    open(parse_uri(true)) # rubocop:disable Security/Open
   end
 
   def expected_response_body

data/spec/adapters/patron_adapter.rb

@@ -4,7 +4,7 @@ require 'patron'
 class PatronAdapter < HTTPBaseAdapter
   def send_get_request
     session = Patron::Session.new
-    session.get(parse_uri.to_s, @headers)
+    session.get(parse_uri(true).to_s, @headers)
   end
 
   def send_head_request

data/spec/adapters/typhoeus_adapter.rb

@@ -3,7 +3,7 @@
 require 'excon'
 class TyphoeusAdapter < HTTPBaseAdapter
   def send_get_request
-    Typhoeus.get(parse_uri.to_s, headers: @headers)
+    Typhoeus.get(parse_uri(true).to_s, headers: @headers)
   end
 
   def send_head_request

data/spec/lib/http_log_spec.rb

@@ -5,16 +5,17 @@ require 'spec_helper'
 describe HttpLog do
   subject { log } # see spec_helper
 
+  let(:secret)  { 'my secret' }
   let(:host)    { 'localhost' }
   let(:port)    { 9292 }
   let(:path)    { '/index.html' }
-  let(:headers) { { 'accept' => '*/*', 'foo' => 'bar' } }
-  let(:data)    { 'foo=bar&bar=foo' }
-  let(:params)  { { 'foo' => 'bar:form-data', 'bar' => 'foo' } }
+  let(:headers) { { 'accept' => '*/*', 'foo' => secret } }
+  let(:data)    { "foo=#{secret}&bar=foo" }
+  let(:params)  { { 'foo' => secret, 'bar' => 'foo:form-data' } }
   let(:html)    { File.read('./spec/support/index.html') }
   let(:json)    { JSON.parse(log.match(/\[httplog\]\s(.*)/).captures.first) }
 
-  # Configuration
+  # Default configuration
   let(:enabled)               { HttpLog.configuration.enabled }
   let(:severity)              { HttpLog.configuration.severity }
   let(:log_headers)           { HttpLog.configuration.log_headers }
@@ -31,6 +32,7 @@ describe HttpLog do
   let(:compact_log)           { HttpLog.configuration.compact_log }
   let(:url_blacklist_pattern) { HttpLog.configuration.url_blacklist_pattern }
   let(:url_whitelist_pattern) { HttpLog.configuration.url_whitelist_pattern }
+  let(:filter_parameters)     { HttpLog.configuration.filter_parameters }
 
   def configure
     HttpLog.configure do |c|
@@ -50,6 +52,7 @@ describe HttpLog do
       c.compact_log           = compact_log
       c.url_blacklist_pattern = url_blacklist_pattern
       c.url_whitelist_pattern = url_whitelist_pattern
+      c.filter_parameters     = filter_parameters
     end
   end
 
@@ -135,7 +138,7 @@ describe HttpLog do
 
             it_behaves_like 'logs request', 'POST'
             it_behaves_like 'logs expected response'
-            it_behaves_like 'logs data', 'foo=bar&bar=foo'
+            it_behaves_like 'logs data'
             it_behaves_like 'logs status', 200
             it_behaves_like 'logs benchmark'
 
@@ -174,6 +177,7 @@ describe HttpLog do
             let(:log_headers) { true }
             it { is_expected.to match(%r{Header: accept: */*}i) } # request
             it { is_expected.to match(/Header: Server: thin/i) } # response
+            it_behaves_like 'filtered parameters'
           end
 
           context 'with blacklist hit' do
@@ -206,6 +210,7 @@ describe HttpLog do
           it_behaves_like 'data logging disabled'
           it_behaves_like 'response logging disabled'
           it_behaves_like 'benchmark logging disabled'
+          it_behaves_like 'filtered parameters'
 
           context 'with single color' do
             let(:color) { :red }
@@ -231,7 +236,7 @@ describe HttpLog do
 
           context 'with compact config' do
             let(:compact_log) { true }
-            it { is_expected.to match(%r{\[httplog\] GET http://#{host}:#{port}#{path}(\?.*)? completed with status code \d{3} in (\d|\.)+}) }
+            it { is_expected.to match(%r{\[httplog\] GET http://#{host}:#{port}#{path}(\?.*)? completed with status code \d{3} in \d+\.\d{1,6} }) }
             it { is_expected.to_not include("Connecting: #{host}:#{port}") }
             it { is_expected.to_not include('Response:') }
             it { is_expected.to_not include('Data:') }
@@ -248,6 +253,7 @@ describe HttpLog do
             it_behaves_like 'benchmark logging disabled'
             it_behaves_like 'with prefix response lines'
             it_behaves_like 'with line numbers'
+            it_behaves_like 'filtered parameters'
           end
         end
 
@@ -260,12 +266,13 @@ describe HttpLog do
             it_behaves_like 'benchmark logging disabled'
             it_behaves_like 'with prefix response lines'
             it_behaves_like 'with line numbers'
+            it_behaves_like 'filtered parameters'
           end
         end
 
         context 'POST multi-part requests (file upload)' do
           let(:upload) { Tempfile.new('http-log') }
-          let(:params) { { 'foo' => 'bar', 'file' => upload } }
+          let(:params) { { 'foo' => secret, 'file' => upload } }
 
           if adapter_class.method_defined? :send_multipart_post_request
             before { adapter.send_multipart_post_request }
@@ -275,6 +282,7 @@ describe HttpLog do
             it_behaves_like 'benchmark logging disabled'
             it_behaves_like 'with prefix response lines'
             it_behaves_like 'with line numbers'
+            it_behaves_like 'filtered parameters'
           end
         end
       end
@@ -292,6 +300,7 @@ describe HttpLog do
           it { expect(json['response_code']).to eq(200) }
           it { expect(json['response_body']).to eq(html) }
           it { expect(json['benchmark']).to be_a(Numeric) }
+          it_behaves_like 'filtered parameters'
 
           context 'and compact config' do
             let(:compact_log) { true }

data/spec/support/shared_examples.rb

@@ -12,8 +12,15 @@ RSpec.shared_examples 'logs expected response' do
   it { is_expected.to include("Response:#{adapter.expected_response_body}") }
 end
 
-RSpec.shared_examples 'logs data' do |data|
-  it { is_expected.to include(["Data:", data].compact.join(' ')) }
+RSpec.shared_examples 'logs data' do
+  # Some adapters (YOU, Faraday!) re-order the keys for no bloody
+  # reason whatsover. So we need to check them individually. And some
+  # (guess who?) use non-standard URL encoding for spaces...
+  it do
+    data.split('&').each do |param|
+      is_expected.to match(Regexp.new(param.gsub(' ', '( |%20|\\\+)')))
+    end
+  end
 end
 
 RSpec.shared_examples 'logs status' do |status|
@@ -61,3 +68,12 @@ RSpec.shared_examples 'with connection logging disabled' do
   let(:log_connect) { false }
   it { is_expected.to_not include('Connecting:') }
 end
+
+RSpec.shared_examples 'filtered parameters' do
+  let(:filter_parameters) { %w(foo) }
+
+  it 'masks the filtered value' do
+    # is_expected.to include('foo=[FILTERED]&').or exclude('foo')
+    is_expected.to_not include('secret')
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: httplog
 version: !ruby/object:Gem::Version
-  version: 1.2.2
+  version: 1.3.0
 platform: ruby
 authors:
 - Thilo Rusche
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-03-15 00:00:00.000000000 Z
+date: 2019-05-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ethon
@@ -241,9 +241,9 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
-- gemfiles/http2.gemfile
 - gemfiles/http3.gemfile
 - gemfiles/http4.gemfile
+- gemfiles/http5.gemfile
 - gemfiles/rack1.gemfile
 - gemfiles/rack2.gemfile
 - httplog.gemspec
@@ -302,8 +302,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Log outgoing HTTP requests.