@riocrypto/common-server 1.0.2710 → 1.0.2711

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/build/clients/axios-with-logging.js +14 -12
  2. package/build/services/logger.js +16 -8
  3. package/package.json +2 -2
package/build/clients/axios-with-logging.js CHANGED
@@ -8,27 +8,29 @@ const axios_1 = __importDefault(require("axios"));
8
8
  const logger_1 = __importDefault(require("../services/logger"));
9
9
  function buildAxiosWithLogging() {
10
10
  const axiosWithLogging = axios_1.default.create();
11
- const sensitiveHeaders = [
12
- "Authorization",
13
- "x-api-key",
14
- "Api-Key",
15
- "x-cluster-api-key",
16
- "X-API-KEY",
17
- "CB-ACCESS-KEY",
18
- "CB-ACCESS-SIGN",
19
- "CB-ACCESS-TIMESTAMP",
20
- "CB-ACCESS-PASSPHRASE",
11
+ const sensitiveSubstrings = [
12
+ "key",
13
+ "token",
14
+ "secret",
15
+ "auth",
16
+ "sign",
17
+ "password",
18
+ "private",
19
+ "credential",
20
+ "passphrase",
21
+ "csrf",
21
22
  ];
22
23
  function maskHeaderValue(value) {
23
24
  return value.length > 4
24
25
  ? "*".repeat(value.length - 4) + value.slice(-4)
25
26
  : value;
26
27
  }
27
- // Masking function to selectively mask headers
28
+ // Masking function - masks any header containing a sensitive substring
28
29
  function maskHeaders(headers) {
29
30
  const maskedHeaders = Object.assign({}, headers);
30
31
  Object.keys(maskedHeaders).forEach((header) => {
31
- if (sensitiveHeaders.includes(header)) {
32
+ const lower = header.toLowerCase();
33
+ if (sensitiveSubstrings.some((sub) => lower.includes(sub))) {
32
34
  maskedHeaders[header] = maskHeaderValue(maskedHeaders[header]);
33
35
  }
34
36
  });
package/build/services/logger.js CHANGED
@@ -19,15 +19,23 @@ class LoggerService {
19
19
  if ((_b = (_a = info.meta) === null || _a === void 0 ? void 0 : _a.req) === null || _b === void 0 ? void 0 : _b.headers) {
20
20
  // Use optional chaining
21
21
  const headers = info.meta.req.headers;
22
- const headerKeysToMask = [
23
- "x-api-key",
24
- "x-admin-api-key",
25
- "x-cluster-api-key",
22
+ const sensitiveSubstrings = [
23
+ "key",
24
+ "token",
25
+ "secret",
26
+ "auth",
27
+ "sign",
28
+ "password",
29
+ "private",
30
+ "credential",
31
+ "passphrase",
32
+ "csrf",
26
33
  ];
27
- headerKeysToMask.forEach((key) => {
28
- if (headers[key]) {
29
- // Type assertion might be needed if headers[key] is not strictly string
30
- headers[key] = this.maskValue(String(headers[key]));
34
+ // Mask any header containing a sensitive substring
35
+ Object.keys(headers).forEach((headerKey) => {
36
+ const lower = headerKey.toLowerCase();
37
+ if (sensitiveSubstrings.some((sub) => lower.includes(sub))) {
38
+ headers[headerKey] = this.maskValue(String(headers[headerKey]));
31
39
  }
32
40
  });
33
41
  // Mask cookies specifically
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@riocrypto/common-server",
3
- "version": "1.0.2710",
3
+ "version": "1.0.2711",
4
4
  "description": "",
5
5
  "main": "./build/index.js",
6
6
  "types": "./build/index.d.ts",
@@ -28,7 +28,7 @@
28
28
  "@google-cloud/secret-manager": "^5.3.0",
29
29
  "@google-cloud/storage": "^6.9.5",
30
30
  "@hyperdx/node-opentelemetry": "^0.7.0",
31
- "@riocrypto/common": "^1.0.2509",
31
+ "@riocrypto/common": "^1.0.2510",
32
32
  "@types/express": "^4.17.13",
33
33
  "axios": "^1.7.4",
34
34
  "crypto-js": "^4.2.0",