X-Git-Url: http://git.squeep.com/?p=squeep-logger-json-console;a=blobdiff_plain;f=lib%2Fdata-sanitizers.js;fp=lib%2Fdata-sanitizers.js;h=bf0495074a0fc9233d9407c0b7b2561e086fe076;hp=e4d0f3c4bb8238a2d5f5bcd6595440c889139559;hb=5f6029bc6c75708175ade99f6c44beb1d0e2817a;hpb=9df1ebe7b067a00a012b1deb303278e51a711e37

diff --git a/lib/data-sanitizers.js b/lib/data-sanitizers.js
index e4d0f3c..bf04950 100644
--- a/lib/data-sanitizers.js
+++ b/lib/data-sanitizers.js
@@ -1,25 +1,32 @@
 'use strict';
 
 /**
- * Here are some sanitizers to replace data fields before logging.
- * Well, really, this just documents the expected format.
+ * Sanitizers replace data fields before logging.
+ * None are bundled, but here is an example of one.
  */
 
 /**
- * template for sanitizers
+ * Example sanitizer function.
+ * Sanitizers are called initially with `sanitize` false, to only determine
+ * whether the data object will be changed.  If so, the sanitizer is then
+ * called again with `sanitize` true, but provided with a clone of the
+ * original data to update, to avoid leaking any applied changes back to the
+ * application.
  * @param {Object} data
  * @param {Boolean} sanitize
- * @returns {Boolean}
+ * @returns {Boolean} whether sanitizer is applicable to data
  */
 /* istanbul ignore next */
 function _sanitizer(data, sanitize = true) {
   let unclean = false;
 
-  if (undefined) { // eslint-disable-line no-constant-condition
+  const sensitiveFieldLength = data?.sensitiveField?.length;
+  if (sensitiveFieldLength) {
     unclean = true;
-  }
-  if (unclean && sanitize) {
-    data;
+
+    if (sanitize) {
+      data.sensitiveField = '*'.repeat(sensitiveFieldLength);
+    }
   }
 
   return unclean;