I'm using VCR gem to record http interactions and replay them in future. I want to filter-out my actual password value in the uri request. Here's sample of what the uri looks like:
http://services.somesite.com/Services.asmx/Cabins
Username=long&Password=john&StartDate=03%2F22%2F2012&EndDate=03%2F29%2F2012
Though an explanation is provided here, I'm still not sure how to do it after a few attempts myself:
https://www.relishapp.com/myronmarston/vcr/v/2-0-0/docs/configuration/filter-sensitive-data
Any help would be appreciated.
VCR.configure do |c|
c.filter_sensitive_data("<SOMESITE_PASSWORD>") do
ENV['SOMESITE_PASSWORD']
# or $credentials['somesite']['password'] or whatever
end
end
Essentially, you give VCR a bit of placeholder text, and then the block needs to return the real password, reading it from whatever the canonical password "repository" is.
Note that the real password is only needed the first time, when the request is recorded; on subsequent runs, it can be a fake password (as long as it's the same fake password used by the code making the request).
for rails 4+, if you are using secrets.yml you might want to do
VCR.configure do |config|
Rails.application.secrets.each do |k,v|
config.filter_sensitive_data("ENV[#{k}]") { v }
end
end
now you're sure not to forget any
来源:https://stackoverflow.com/questions/9816152/filtering-sensitive-data-with-vcr