Optimize code, additional keys

pulsar-edit · Feb 20, 2024 · 8186d21 · 8186d21
1 parent e3c7933
commit 8186d21
Showing 1 changed file with 22 additions and 24 deletions.
diff --git a/src/models/callStack.js b/src/models/callStack.js
@@ -21,51 +21,49 @@ module.exports = class CallStack {
  // Attempts to remove any sensitive data that may be found within
  sanitize(content) {
 
+ const badKeys = [
+ "token",
+ "password",
+ "pass",
+ "auth",
+ "secret",
+ "passphrase",
+ "card"
+ ];
+ const githubTokenReg = /(?:gho_|ghp_|github_pat_|ghu_|ghs_|ghr_)/;
  const hideString = "*****";
  let outContent = {};
  let type = typeof content;
 
  // Since JavaScript `typeof` will assign an array as "object" as well as null
  // we will extend this typeof check to add those as different types, to ease
  // the complexity of the below switch statement
- if (Array.isArray(content)) {
- type = "array";
- }
- if (content === null) {
- type = "null";
+ if (type === "object") {
+ if (Array.isArray(content)) {
+ type = "array";
+ } else if (content === null) {
+ type = "null";
+ }
  }
 
  switch(type) {
  case "object":
  for (const key in content) {
  // Match different possible keys that represent sensitive data
- switch(key) {
- case "token":
- outContent[key] = hideString;
- break;
- default:
- outContent[key] = this.sanitize(content[key]);
- break;
+ if (badKeys.includes(key)) {
+ outContent[key] = hideString;
+ } else {
+ outContent[key] = this.sanitize(content[key]);
  }
  }
  break;
  case "string":
  // Match different strings of sensitive data
 
  // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats
- if (content.startsWith("gho_")) {
- outContent = hideString;
- } else if (content.startsWith("ghp_")) {
- outContent = hideString;
- } else if (content.startsWith("github_pat_")) {
- outContent = hideString;
- } else if (content.startsWith("ghu_")) {
- outContent = hideString;
- } else if (content.startsWith("ghs_")) {
- outContent = hideString;
- } else if (content.startsWith("ghr_")) {
+ if (githubTokenReg.test(content)) {
  outContent = hideString;
- } else {
+ } else { // More strings to test can be added here
  // String seems safe
  outContent = content;
  }