Question

How to redact fields in auth data?

  • 24 March 2021
  • 2 replies
  • 121 views

Userlevel 1

Hi, we are developing a Zapier Application, and when testing we noticed that the zapier logs are leaking the user private key that we use for autentication. It is on a `gpgprivatekey` field.

 

 

Is there anyway I tell zapier which fields are sensitive? It looks like environment and password are already redacted.

Btw setting the field to password does redact in log, but removes all line breaks and trims the field which renders the private key invalid.


This post has been closed for comments. Please create a new post if you need help or have a question about this topic.

2 replies

Userlevel 1

Just opened a issue in github, since it looks like it should’ve censored the field if named `token` (which it doesnt). See https://github.com/zapier/zapier-platform/issues/354

Userlevel 7
Badge +12

It looks like the issue has been fixed! https://github.com/zapier/zapier-platform/issues/354#issuecomment-809723447