
Commit 9c250c2

committed
feat(cli): add --case-sensitive option to har:sanitize command
Add support for case-sensitive matching via the --case-sensitive flag. By default, field name matching is case-insensitive. When enabled, only exact case matches will be redacted. Usage: har:sanitize input.har output.har --query-param api_key --case-sensitive
1 parent 2019ffe commit 9c250c2


2 files changed

+67
-1
lines changed


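--- a/src/Command/SanitizeCommand.php
+++ b/src/Command/SanitizeCommand.php
@@ -27,7 +27,8 @@ protected function configure(): void
 ->addArgument('output', InputArgument::OPTIONAL, 'The output file path. Defaults to stdout.')
 ->addOption('header', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Header name to redact (can be specified multiple times).')
 ->addOption('query-param', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Query parameter name to redact (can be specified multiple times).')
-->addOption('body-field', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Body field name to redact (can be specified multiple times).');
+->addOption('body-field', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Body field name to redact (can be specified multiple times).')
+->addOption('case-sensitive', null, InputOption::VALUE_NONE, 'Use case-sensitive matching for field names. Defaults to case-insensitive.');
 }
 
 protected function execute(InputInterface $input, OutputInterface $output): int
@@ -59,6 +60,10 @@ protected function execute(InputInterface $input, OutputInterface $output): int
 
 $sanitizer = new HarSanitizer();
 
+if ($input->getOption('case-sensitive')) {
+$sanitizer->setCaseSensitive(true);
+}
+
 $headers = $input->getOption('header');
 if (!empty($headers)) {
 $sanitizer->redactHeaders($headers);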
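Review bot: In execute(), `setCaseSensitive(true)` is applied once to the sanitizer before `redactHeaders()` runs, so the flag presumably governs header matching as well as query parameters and body fields (HarSanitizer itself is not shown on this page). HTTP header names are case-insensitive and one capture can contain both `Authorization` and `authorization`, so `--header Authorization --case-sensitive` can leave a credential in the "sanitized" file while the command still exits successfully. Either keep header matching case-insensitive regardless of the flag, or make the narrowing explicit in the option text, e.g. `'Use case-sensitive matching for field names; this narrows redaction, and names that differ only in case are left in the output. Defaults to case-insensitive.'`. execute() starts and ends outside this hunk.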

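--- a/tests/src/Functional/SanitizeCommandTest.php
+++ b/tests/src/Functional/SanitizeCommandTest.php
@@ -188,6 +188,8 @@ public function testCommandConfiguration(): void
 $this->assertTrue($definition->getOption('query-param')->isArray());
 $this->assertTrue($definition->hasOption('body-field'));
 $this->assertTrue($definition->getOption('body-field')->isArray());
+$this->assertTrue($definition->hasOption('case-sensitive'));
+$this->assertFalse($definition->getOption('case-sensitive')->isArray());
 }
 
 public function testSanitizeWithNoOptions(): void
@@ -405,6 +407,65 @@ public function testSanitizeAllOptionsTogether(): void
 $this->assertEquals('john', $bodyMap['username']);
 }
 
+public function testCaseInsensitiveMatchingByDefault(): void
+{
+$harFile = $this->createHarFileWithQueryParams([
+'API_KEY' => 'secret-key',
+'Token' => 'auth-token',
+]);
+$outputFile = $this->tempDir.'/sanitized.har';
+
+// By default, matching is case-insensitive
+$this->commandTester->execute([
+'har' => $harFile,
+'output' => $outputFile,
+'--query-param' => ['api_key', 'token'],
+]);
+
+$this->assertSame(Command::SUCCESS, $this->commandTester->getStatusCode());
+
+$serializer = new Serializer();
+$sanitized = $serializer->deserializeHar(file_get_contents($outputFile));
+
+$params = $sanitized->getLog()->getEntries()[0]->getRequest()->getQueryString();
+$paramMap = $this->paramsToMap($params);
+
+// Both should be redacted despite case mismatch
+$this->assertEquals('[REDACTED]', $paramMap['API_KEY']);
+$this->assertEquals('[REDACTED]', $paramMap['Token']);
+}
+
+public function testCaseSensitiveMatchingWhenEnabled(): void
+{
+$harFile = $this->createHarFileWithQueryParams([
+'API_KEY' => 'secret-key',
+'api_key' => 'another-key',
+'Token' => 'auth-token',
+]);
+$outputFile = $this->tempDir.'/sanitized.har';
+
+// With case-sensitive enabled, only exact matches should be redacted
+$this->commandTester->execute([
+'har' => $harFile,
+'output' => $outputFile,
+'--query-param' => ['api_key'],
+'--case-sensitive' => true,
+]);
+
+$this->assertSame(Command::SUCCESS, $this->commandTester->getStatusCode());
+
+$serializer = new Serializer();
+$sanitized = $serializer->deserializeHar(file_get_contents($outputFile));
+
+$params = $sanitized->getLog()->getEntries()[0]->getRequest()->getQueryString();
+$paramMap = $this->paramsToMap($params);
+
+// Only exact case match should be redacted
+$this->assertEquals('secret-key', $paramMap['API_KEY']);
+$this->assertEquals('[REDACTED]', $paramMap['api_key']);
+$this->assertEquals('auth-token', $paramMap['Token']);
+}
+
 /**
 * @param \Deviantintegral\Har\Header[] $headers
 *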
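Review bot: testCaseSensitiveMatchingWhenEnabled exercises only `--query-param`, so nothing pins how `--case-sensitive` interacts with `--header` and `--body-field`, which the command routes through the same sanitizer instance. A companion case that runs with `'--header' => ['authorization'], '--case-sensitive' => true` against a HAR whose header is spelled `Authorization` would make it an explicit, reviewed decision whether that value survives in the sanitized output. In both new tests `file_get_contents($outputFile)` is passed straight to `deserializeHar()`; asserting `$this->assertFileExists($outputFile);` first would give a clearer failure than a deserialization error when the command writes nothing.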
