ObjectDumper icon indicating copy to clipboard operation
ObjectDumper copied to clipboard

Published 20 hours ago verified publisher icon thomasgalliker

Dumping objects with sensitive data

Open thomasgalliker opened this issue 5 years ago • 2 comments

We often have the situation that dumped objects contain sensitive data such a personal information (name, address,...) or security relevant information (password hashes, authentication tokens). ObjectDumper of course cannot automatically detect and obfuscate such information.

This issues serves as bucket to collect ideas of the users of ObjectDumper would like this problem to be solved - or if it even is a problem to be solved.

thomasgalliker avatar Dec 19 '19 07:12 thomasgalliker

How about an ignore attribute similar to how json is ignoring properties? Something like [IgnoreWhenDumping] or [DontDump] is easy to implement, easy to use, and even easy to read.

selmaohneh avatar Jun 16 '20 18:06 selmaohneh

The thing with attributes is: we should avoid having people to install ObjectDumper nuget in all their contracts/model assemblies. Theoretically, we could probe for the presence of a certrain attribute name (like you proposed, „IgnoreWhenDumping" or similar).

What actually is already present is an ExcludeProperties filter in DumpOptions.

thomasgalliker avatar Jun 17 '20 07:06 thomasgalliker