KayleighH's avatar
KayleighH
New Contributor
4 years ago
Status:
New Idea

Masking encrypted properties in ReadyAPI Test for Azure DevOps task instead of plain text

Hi,

 

The latest version of ReadyAPI 3.20.0 seems to fix encrypted properties being displayed as plain text in logs within the ReadyAPI software itself but this does not translate when running the project from Azure DevOps using the "ReadyAPI Test for Azure DevOps task" as encrypted properties are still being exposed there.

 

1. The project password for the task is in plain text

- This property should be masked as anyone who views the task would be able to download and access the encrypted project and its properties.

 

2. Encrypted properties are displayed in the logs/requests as plain text

The password has been encrypted in the custom properties using the "selected properties" project encryption .

However, encyrpted properties are being shown in the task logs when a request that uses the properties fail or when logged using groovy script as plain text. 

 

This display of encrypted properties as plain text is unacceptable especially when creating production tests so it would be benefical if encyrpted properties are not exposed.

 

Thanks,

Kayleigh

  • Mahesh9100's avatar
    Mahesh9100
    Occasional Contributor

    I am also facing the same issue as all the encrypted properties are being displayed in the Azure Logs. It is a major security concern and would like to see the encrypted properties are not exposed in Azure.