From b80e8938a4556f084f1d17cc8f31500e846eacbc Mon Sep 17 00:00:00 2001 From: Vincent Dai <23257217+vidai-msft@users.noreply.github.com> Date: Sun, 15 Dec 2024 20:57:57 -0800 Subject: [PATCH] Add common secret patterns. (#26871) --- tools/TestFx/Recorder/RecorderUtilities.cs | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/tools/TestFx/Recorder/RecorderUtilities.cs b/tools/TestFx/Recorder/RecorderUtilities.cs index cc5693ac37ed..0cd03f1b5180 100644 --- a/tools/TestFx/Recorder/RecorderUtilities.cs +++ b/tools/TestFx/Recorder/RecorderUtilities.cs @@ -36,16 +36,32 @@ public static class RecorderUtilities static RecorderUtilities() { + JsonPathSanitizers.Add("$..Password"); JsonPathSanitizers.Add("$..password"); + JsonPathSanitizers.Add("$..adminPassword"); + JsonPathSanitizers.Add("$..passwords[*].value"); + JsonPathSanitizers.Add("$..secret"); + JsonPathSanitizers.Add("$..secretText"); + JsonPathSanitizers.Add("$..accessSAS"); + JsonPathSanitizers.Add("$..storageAccountKey"); JsonPathSanitizers.Add("$..primaryKey"); JsonPathSanitizers.Add("$..primaryMasterKey"); JsonPathSanitizers.Add("$..primaryReadonlyMasterKey"); JsonPathSanitizers.Add("$..secondaryKey"); JsonPathSanitizers.Add("$..secondaryMasterKey"); JsonPathSanitizers.Add("$..secondaryReadonlyMasterKey"); + JsonPathSanitizers.Add("$..keys[*].value"); + JsonPathSanitizers.Add("$..connectionString"); JsonPathSanitizers.Add("$..primaryConnectionString"); JsonPathSanitizers.Add("$..secondaryConnectionString"); - JsonPathSanitizers.Add("$..connectionString"); + JsonPathSanitizers.Add("$..aliasPrimaryConnectionString"); + JsonPathSanitizers.Add("$..aliasSecondaryConnectionString"); + JsonPathSanitizers.Add("$..administratorLoginPassword"); + JsonPathSanitizers.Add("$..hubDatabasePassword"); + JsonPathSanitizers.Add("$.properties.siteConfig.machineKey.decryptionKey"); + JsonPathSanitizers.Add("$.properties.WEBSITE_AUTH_ENCRYPTION_KEY"); + JsonPathSanitizers.Add("$.properties.DOCKER_REGISTRY_SERVER_PASSWORD"); + JsonPathSanitizers.Add("$.properties.protectedSettings.storageAccountKey"); } public static bool IsHttpContentBinary(HttpContent content)