diff --git a/Readme.md b/Readme.md
index 570e0e0..a625256 100644
--- a/Readme.md
+++ b/Readme.md
@@ -16,8 +16,8 @@
## #BLM and 5.x breaking changes
The maintainers of this project no longer feel comfortable with the following terms:
-* whitelist
-* blacklist
+* allowlist
+* denylist
* master
Therefore, exposed configuration options, types in this library using those terms are due to be removed in the upcoming 5.x series,
@@ -28,7 +28,7 @@ You can track the progress of these changes in [#247](https://github.com/bithavo
## Usage
-express-winston provides middlewares for request and error logging of your express.js application. It uses 'whitelists' to select properties from the request and (new in 0.2.x) response objects.
+express-winston provides middlewares for request and error logging of your express.js application. It uses 'allowlists' to select properties from the request and (new in 0.2.x) response objects.
To make use of express-winston, you need to add the following to your application:
@@ -94,15 +94,15 @@ Use `expressWinston.logger(options)` to create a middleware to log your HTTP req
statusLevels: Boolean or Object, // different HTTP status codes caused log messages to be logged at different levels (info/warn/error), the default is false. Use an object to control the levels various status codes are logged at. Using an object for statusLevels overrides any setting of options.level.
ignoreRoute: function (req, res) { return false; }, // A function to determine if logging is skipped, defaults to returning false. Called _before_ any later middleware.
skip: function(req, res) { return false; }, // A function to determine if logging is skipped, defaults to returning false. Called _after_ response has already been sent.
- requestFilter: function (req, propName) { return req[propName]; }, // A function to filter/return request values, defaults to returning all values allowed by whitelist. If the function returns undefined, the key/value will not be included in the meta.
- responseFilter: function (res, propName) { return res[propName]; }, // A function to filter/return response values, defaults to returning all values allowed by whitelist. If the function returns undefined, the key/value will not be included in the meta.
- requestWhitelist: [String], // Array of request properties to log. Overrides global requestWhitelist for this instance
- responseWhitelist: [String], // Array of response properties to log. Overrides global responseWhitelist for this instance
- bodyWhitelist: [String], // Array of body properties to log. Overrides global bodyWhitelist for this instance
- bodyBlacklist: [String], // Array of body properties to omit from logs. Overrides global bodyBlacklist for this instance
+ requestFilter: function (req, propName) { return req[propName]; }, // A function to filter/return request values, defaults to returning all values allowed by allowlist. If the function returns undefined, the key/value will not be included in the meta.
+ responseFilter: function (res, propName) { return res[propName]; }, // A function to filter/return response values, defaults to returning all values allowed by allowlist. If the function returns undefined, the key/value will not be included in the meta.
+ requestAllowlist: [String], // Array of request properties to log. Overrides global requestAllowlist for this instance
+ responseAllowlist: [String], // Array of response properties to log. Overrides global responseAllowlist for this instance
+ bodyAllowlist: [String], // Array of body properties to log. Overrides global bodyAllowlist for this instance
+ bodyDenylist: [String], // Array of body properties to omit from logs. Overrides global bodyDenylist for this instance
ignoredRoutes: [String], // Array of paths to ignore/skip logging. Overrides global ignoredRoutes for this instance
dynamicMeta: function(req, res) { return [Object]; } // Extract additional meta data from request or response (typically req.user data if using passport). meta must be true for this function to be activated
- headerBlacklist: [String], // Array of headers to omit from logs. Applied after any previous filters.
+ headerDenylist: [String], // Array of headers to omit from logs. Applied after any previous filters.
```
@@ -137,15 +137,15 @@ The logger needs to be added AFTER the express router (`app.router`) and BEFORE
baseMeta: Object, // default meta data to be added to log, this will be merged with the error data.
meta: Boolean, // control whether you want to log the meta data about the request (default to true).
metaField: String, // if defined, the meta data will be added in this field instead of the meta root object. Defaults to 'meta'. Set to `null` to store metadata at the root of the log entry.
- requestField: [String] // the property of the metadata to store the request under (default 'req'). Set to null to exclude request from metadata
+ requestField: [String] // the property of the metadata to store the request under (default 'req'). Set to null to exclude request from metadata
responseField: [String] // the property of the metadata to store the response under (default 'res'). If set to the same as 'requestField', filtered response and request properties will be merged. Set to null to exclude request from metadata
- requestFilter: function (req, propName) { return req[propName]; } // A function to filter/return request values, defaults to returning all values allowed by whitelist. If the function returns undefined, the key/value will not be included in the meta.
- requestWhitelist: [String] // Array of request properties to log. Overrides global requestWhitelist for this instance
- headerBlacklist: [String], // Array of headers to omit from logs. Applied after any previous filters.
+ requestFilter: function (req, propName) { return req[propName]; } // A function to filter/return request values, defaults to returning all values allowed by allowlist. If the function returns undefined, the key/value will not be included in the meta.
+ requestAllowlist: [String] // Array of request properties to log. Overrides global requestAllowlist for this instance
+ headerDenylist: [String], // Array of headers to omit from logs. Applied after any previous filters.
level: String or function(req, res, err) { return String; }// custom log level for errors (default is 'error'). Assign a function to dynamically set the log level based on request, response, and the exact error.
dynamicMeta: function(req, res, err) { return [Object]; } // Extract additional meta data from request or response (typically req.user data if using passport). meta must be true for this function to be activated
exceptionToMeta: function(error){return Object; } // Function to format the returned meta information on error log. If not given `winston.exception.getAllInfo` will be used by default
- blacklistedMetaFields: [String] // fields to blacklist from meta data
+ denylistedMetaFields: [String] // fields to denylist from meta data
skip: function(req, res, err) { return false; } // A function to determine if logging is skipped, defaults to returning false.
```
@@ -155,20 +155,20 @@ Alternatively, if you're using a winston logger instance elsewhere and have alre
#### `metaField` option
-In versions of `express-winston` prior to 4.0.0, this field functioned differently.
+In versions of `express-winston` prior to 4.0.0, this field functioned differently.
-Previously the log entry would always have a "meta" field which would be set to the metadata of the request/error.
-If `metaField` was set, this information would be stored as an object with the given property on the "meta" object of
+Previously the log entry would always have a "meta" field which would be set to the metadata of the request/error.
+If `metaField` was set, this information would be stored as an object with the given property on the "meta" object of
the log entry. This prevented the use case where the metadata should be located at the root of the log entry.
-In this version, `metaField` defaults to "meta" which maintains the prior versions behavior of storing the metadata at
-a "meta" property of the log entry.
+In this version, `metaField` defaults to "meta" which maintains the prior versions behavior of storing the metadata at
+a "meta" property of the log entry.
Explicitly setting the `metaField` to `null` or "null" causes the metadata to be stored at the root of the log entry.
The `metaField` option now also supports dot separated and array values to store the metadata at a nested location in the log entry.
-Upgrade Note: For those upgrading from a version of `express-winston` prior to 4.0.0 that use the `metaField` property, to keep the same behavior, prepend `meta.` to your current `metaField` configuration. (i.e. 'foo' would become 'meta.foo')
+Upgrade Note: For those upgrading from a version of `express-winston` prior to 4.0.0 that use the `metaField` property, to keep the same behavior, prepend `meta.` to your current `metaField` configuration. (i.e. 'foo' would become 'meta.foo')
## Examples
@@ -349,8 +349,8 @@ app.use(expressWinston.logger({
transports: [new LoggingWinston({})],
metaField: null, //this causes the metadata to be stored at the root of the log entry
responseField: null, // this prevents the response from being included in the metadata (including body and status code)
- requestWhitelist: ['headers', 'query'], //these are not included in the standard StackDriver httpRequest
- responseWhitelist: ['body'], // this populates the `res.body` so we can get the response size (not required)
+ requestAllowlist: ['headers', 'query'], //these are not included in the standard StackDriver httpRequest
+ responseAllowlist: ['body'], // this populates the `res.body` so we can get the response size (not required)
dynamicMeta: (req, res) => {
const httpRequest = {}
const meta = {}
@@ -365,7 +365,7 @@ app.use(expressWinston.logger({
httpRequest.userAgent = req.get('User-Agent')
httpRequest.referrer = req.get('Referrer')
}
-
+
if (res) {
meta.httpRequest = httpRequest
httpRequest.status = res.statusCode
@@ -386,44 +386,44 @@ app.use(expressWinston.logger({
}));
```
-## Global Whitelists and Blacklists
+## Global AllowLists and Denylists
-Express-winston exposes three whitelists that control which properties of the `request`, `body`, and `response` are logged:
+Express-winston exposes three allowLists that control which properties of the `request`, `body`, and `response` are logged:
-* `requestWhitelist`
-* `bodyWhitelist`, `bodyBlacklist`
-* `responseWhitelist`
+* `requestAllowlist`
+* `bodyAllowlist`, `bodyDenylist`
+* `responseAllowlist`
-For example, `requestWhitelist` defaults to:
+For example, `requestAllowlist` defaults to:
['url', 'headers', 'method', 'httpVersion', 'originalUrl', 'query'];
-Only those properties of the request object will be logged. Set or modify the whitelist as necessary.
+Only those properties of the request object will be logged. Set or modify the allowlist as necessary.
For example, to include the session property (the session data), add the following during logger setup:
- expressWinston.requestWhitelist.push('session');
+ expressWinston.requestAllowlist.push('session');
-The blacklisting excludes certain properties and keeps all others. If both `bodyWhitelist` and `bodyBlacklist` are set
-the properties excluded by the blacklist are not included even if they are listed in the whitelist!
+The denylisting excludes certain properties and keeps all others. If both `bodyAllowlist` and `bodyDenylist` are set
+the properties excluded by the denylist are not included even if they are listed in the allowlist!
Example:
- expressWinston.bodyBlacklist.push('secretid', 'secretproperty');
+ expressWinston.bodyDenylist.push('secretid', 'secretproperty');
Note that you can log the whole request and/or response body:
- expressWinston.requestWhitelist.push('body');
- expressWinston.responseWhitelist.push('body');
-
-### Nested Whitelists
+ expressWinston.requestAllowlist.push('body');
+ expressWinston.responseAllowlist.push('body');
+
+### Nested Allowlists
-`requestWhitelist` and `responseWhitelist` also support nested whitelist values, allowing access to parts of an object.
+`requestAllowlist` and `responseAllowlist` also support nested allowlist values, allowing access to parts of an object.
For example, using the following during logger setup:
- expressWinston.responseWhitelist.push('body.important.value');
-
+ expressWinston.responseAllowlist.push('body.important.value');
+
A response that looks like this :
{
@@ -439,7 +439,7 @@ A response that looks like this :
value: 3
}
}
-
+
Would only log the following value :
{
@@ -450,14 +450,14 @@ Would only log the following value :
}
}
-## Route-Specific Whitelists and Blacklists
+## Route-Specific Allowlists and Denylists
-New in version 0.2.x is the ability to add whitelist elements in a route. express-winston adds a `_routeWhitelists` object to the `req`uest, containing `.body`, `.req` and `.res` properties, to which you can set an array of 'whitelist' parameters to include in the log, specific to the route in question:
+New in version 0.2.x is the ability to add allowlist elements in a route. express-winston adds a `_routeAllowlists` object to the `req`uest, containing `.body`, `.req` and `.res` properties, to which you can set an array of 'allowlist' parameters to include in the log, specific to the route in question:
``` js
router.post('/user/register', function(req, res, next) {
- req._routeWhitelists.body = ['username', 'email', 'age']; // But not 'password' or 'confirm-password' or 'top-secret'
- req._routeWhitelists.res = ['_headers'];
+ req._routeAllowlists.body = ['username', 'email', 'age']; // But not 'password' or 'confirm-password' or 'top-secret'
+ req._routeAllowlists.res = ['_headers'];
});
```
@@ -494,19 +494,19 @@ Post to `/user/register` would give you something like the following:
"message": "HTTP GET /favicon.ico"
}
-Blacklisting supports only the `body` property.
+Denylisting supports only the `body` property.
``` js
router.post('/user/register', function(req, res, next) {
- req._routeWhitelists.body = ['username', 'email', 'age']; // But not 'password' or 'confirm-password' or 'top-secret'
- req._routeBlacklists.body = ['username', 'password', 'confirm-password', 'top-secret'];
- req._routeWhitelists.res = ['_headers'];
+ req._routeAllowlists.body = ['username', 'email', 'age']; // But not 'password' or 'confirm-password' or 'top-secret'
+ req._routeDenylists.body = ['username', 'password', 'confirm-password', 'top-secret'];
+ req._routeAllowlists.res = ['_headers'];
});
```
-If both `req._routeWhitelists.body` and `req._routeBlacklists.body` are set the result will be the white listed properties
-excluding any black listed ones. In the above example, only 'email' and 'age' would be included.
+If both `req._routeAllowlists.body` and `req._routeDenylists.body` are set the result will be the white listed properties
+excluding any denylisted ones. In the above example, only 'email' and 'age' would be included.
## Custom Status Levels
@@ -579,7 +579,7 @@ If you ran into any problems, please use the project [Issues section](https://gi
* [Jonathan Lomas](https://github.com/floatingLomas) (https://github.com/floatingLomas)
* [Ross Brandes](https://github.com/rosston) (https://github.com/rosston)
* [Alex Kaplan](https://github.com/kapalex) (https://github.com/kapalex)
-* [Matt Morrissette](https://github.com/yinzara) (https://github.com/yinzara)
+* [Matt Morrissette](https://github.com/yinzara) (https://github.com/yinzara)
Also see AUTHORS file, add yourself if you are missing.
diff --git a/index.d.ts b/index.d.ts
index 212c139..f4c674b 100644
--- a/index.d.ts
+++ b/index.d.ts
@@ -34,8 +34,8 @@ export interface StatusLevels {
export interface BaseLoggerOptions {
baseMeta?: object;
- bodyBlacklist?: string[];
- bodyWhitelist?: string[];
+ bodyDenylist?: string[];
+ bodyAllowlist?: string[];
colorize?: boolean;
dynamicMeta?: DynamicMetaFunction;
expressFormat?: boolean;
@@ -49,13 +49,13 @@ export interface BaseLoggerOptions {
responseField?: string | null;
msg?: MessageTemplate;
requestFilter?: RequestFilter;
- requestWhitelist?: string[];
+ requestAllowlist?: string[];
responseFilter?: ResponseFilter;
- responseWhitelist?: string[];
- headerBlacklist?: string[];
+ responseAllowlist?: string[];
+ headerDenylist?: string[];
skip?: RouteFilter;
statusLevels?: Boolean | StatusLevels;
- allowFilterOutWhitelistedRequestBody?: boolean;
+ allowFilterOutAllowlistedRequestBody?: boolean;
}
export interface LoggerOptionsWithTransports extends BaseLoggerOptions {
@@ -82,9 +82,9 @@ export interface BaseErrorLoggerOptions {
responseField?: string | null;
msg?: MessageTemplate;
requestFilter?: RequestFilter;
- requestWhitelist?: string[];
- headerBlacklist?: string[];
- blacklistedMetaFields?: string[];
+ requestAllowlist?: string[];
+ headerDenylist?: string[];
+ denylistedMetaFields?: string[];
skip?: ErrorRouteFilter;
}
@@ -100,13 +100,13 @@ export type ErrorLoggerOptions = ErrorLoggerOptionsWithTransports | ErrorLoggerO
export function errorLogger(options: ErrorLoggerOptions): ErrorRequestHandler;
-export let requestWhitelist: string[];
+export let requestAllowlist: string[];
-export let bodyWhitelist: string[];
+export let bodyAllowlist: string[];
-export let bodyBlacklist: string[];
+export let bodyDenylist: string[];
-export let responseWhitelist: string[];
+export let responseAllowlist: string[];
export let ignoredRoutes: string[];
@@ -117,7 +117,7 @@ export let defaultResponseFilter: ResponseFilter;
export function defaultSkip(): boolean;
export interface ExpressWinstonRequest extends Request {
- _routeWhitelists: {
+ _routeAllowlists: {
body: string[];
req: string[];
res: string[];
diff --git a/test/express-winston-tests.ts b/test/express-winston-tests.ts
index 6f80263..897e78f 100644
--- a/test/express-winston-tests.ts
+++ b/test/express-winston-tests.ts
@@ -10,8 +10,8 @@ const app = express();
// Logger with all options
app.use(expressWinston.logger({
baseMeta: { foo: 'foo', nested: { bar: 'baz' } },
- bodyBlacklist: ['foo'],
- bodyWhitelist: ['bar'],
+ bodyDenylist: ['foo'],
+ bodyAllowlist: ['bar'],
colorize: true,
dynamicMeta: (req, res, err) => ({ foo: 'bar' }),
expressFormat: true,
@@ -23,7 +23,7 @@ app.use(expressWinston.logger({
metaField: 'metaField',
msg: 'msg',
requestFilter: (req, prop) => req[prop],
- requestWhitelist: ['foo', 'bar'],
+ requestAllowlist: ['foo', 'bar'],
skip: (req, res) => false,
statusLevels: ({ error: 'error', success: 'success', warn: 'warn' }),
transports: [
@@ -58,9 +58,9 @@ app.use(expressWinston.errorLogger({
responseField: 'responseField',
msg: 'msg',
requestFilter: (req, prop) => true,
- requestWhitelist: ['foo', 'bar'],
- headerBlacklist: ['foo', 'bar'],
- blacklistedMetaFields: ['foo', 'bar'],
+ requestAllowlist: ['foo', 'bar'],
+ headerDenylist: ['foo', 'bar'],
+ denylistedMetaFields: ['foo', 'bar'],
skip: (req, res) => false,
transports: [
new winston.transports.Console({})
@@ -92,19 +92,19 @@ app.use(expressWinston.errorLogger({
winstonInstance: logger,
}));
-expressWinston.bodyBlacklist.push('potato');
-expressWinston.bodyWhitelist.push('apple');
+expressWinston.bodyDenylist.push('potato');
+expressWinston.bodyAllowlist.push('apple');
expressWinston.defaultRequestFilter = (req: expressWinston.FilterRequest, prop: string) => req[prop];
expressWinston.defaultResponseFilter = (res: expressWinston.FilterResponse, prop: string) => res[prop];
expressWinston.defaultSkip = () => true;
expressWinston.ignoredRoutes.push('/ignored');
-expressWinston.responseWhitelist.push('body');
+expressWinston.responseAllowlist.push('body');
const router = express.Router();
router.post('/user/register', (req, res, next) => {
const expressWinstonReq = req as expressWinston.ExpressWinstonRequest;
- expressWinstonReq._routeWhitelists.body = ['username', 'email', 'age'];
- expressWinstonReq._routeWhitelists.req = ['userId'];
- expressWinstonReq._routeWhitelists.res = ['_headers'];
+ expressWinstonReq._routeAllowlists.body = ['username', 'email', 'age'];
+ expressWinstonReq._routeAllowlists.req = ['userId'];
+ expressWinstonReq._routeAllowlists.res = ['_headers'];
});
diff --git a/test/test.js b/test/test.js
index a1b39da..b7eea25 100644
--- a/test/test.js
+++ b/test/test.js
@@ -6,8 +6,8 @@ var Transport = require('winston-transport');
var expressWinston = require('../index.js');
expressWinston.ignoredRoutes.push('/ignored');
-expressWinston.responseWhitelist.push('body');
-expressWinston.bodyBlacklist.push('potato');
+expressWinston.responseAllowlist.push('body');
+expressWinston.bodyDenylist.push('potato');
class MockTransport extends Transport {
constructor(test, options) {
@@ -153,16 +153,16 @@ describe('express-winston', function () {
middleware.length.should.eql(4);
});
- it('should use the exported requestWhitelist', function () {
- var originalWhitelist = expressWinston.requestWhitelist;
- expressWinston.requestWhitelist = ['foo'];
+ it('should use the exported requestAllowlist', function () {
+ var originalAllowlist = expressWinston.requestAllowlist;
+ expressWinston.requestAllowlist = ['foo'];
var options = {
req: { foo: 'bar' }
};
return errorLoggerTestHelper(options).then(function (result) {
// Return to the original value for later tests
- expressWinston.requestWhitelist = originalWhitelist;
+ expressWinston.requestAllowlist = originalAllowlist;
result.log.meta.req.should.have.property('foo');
result.log.meta.req.should.not.have.property('url');
@@ -203,7 +203,7 @@ describe('express-winston', function () {
val: '1'
});
- result.log.meta.req.should.not.have.property('nonWhitelistedProperty');
+ result.log.meta.req.should.not.have.property('nonAllowlistedProperty');
});
});
@@ -242,10 +242,10 @@ describe('express-winston', function () {
});
});
- describe('blacklistedMetaFields option', function () {
+ describe('denylistedMetaFields option', function () {
it('should, remove given fields from the meta result', function () {
- var testHelperOptionsWithBlacklist = { loggerOptions: { blacklistedMetaFields: ['trace'] } };
- return errorLoggerTestHelper(testHelperOptionsWithBlacklist).then(function (result) {
+ var testHelperOptionsWithDenylist = { loggerOptions: { denylistedMetaFields: ['trace'] } };
+ return errorLoggerTestHelper(testHelperOptionsWithDenylist).then(function (result) {
result.log.meta.should.not.have.property('trace');
});
});
@@ -269,8 +269,8 @@ describe('express-winston', function () {
});
});
- describe('requestWhitelist option', function () {
- it('should default to global requestWhitelist', function () {
+ describe('requestAllowlist option', function () {
+ it('should default to global requestAllowlist', function () {
var options = {
req: { foo: 'bar' }
};
@@ -279,11 +279,11 @@ describe('express-winston', function () {
});
});
- it('should use specified requestWhitelist', function () {
+ it('should use specified requestAllowlist', function () {
var options = {
req: { foo: 'bar' },
loggerOptions: {
- requestWhitelist: ['foo']
+ requestAllowlist: ['foo']
}
};
return errorLoggerTestHelper(options).then(function (result) {
@@ -292,17 +292,17 @@ describe('express-winston', function () {
});
});
- it('should work with nested requestWhitelist', function () {
+ it('should work with nested requestAllowlist', function () {
var options = {
req: {foo: {test: "bar"}},
loggerOptions: {
- requestWhitelist: ['foo.test']
+ requestAllowlist: ['foo.test']
}
};
return errorLoggerTestHelper(options).then(function (result) {
result.log.meta.req.should.have.property('foo');
result.log.meta.req.foo.should.have.property('test');
- });
+ });
});
});
@@ -473,7 +473,7 @@ describe('express-winston', function () {
});
});
- it('should log entire body when request whitelist contains body and there is no body whitelist or blacklist', function () {
+ it('should log entire body when request allowlist contains body and there is no body allowlist or denylist', function () {
function next(req, res, next) {
res.end();
}
@@ -489,9 +489,9 @@ describe('express-winston', function () {
url: '/hello'
},
loggerOptions: {
- bodyBlacklist: [],
- bodyWhitelist: [],
- requestWhitelist: expressWinston.requestWhitelist.concat('body')
+ bodyDenylist: [],
+ bodyAllowlist: [],
+ requestAllowlist: expressWinston.requestAllowlist.concat('body')
}
};
return loggerTestHelper(testHelperOptions).then(function (result) {
@@ -504,8 +504,8 @@ describe('express-winston', function () {
it('should not invoke the transport when invoked on a route with transport level of "error"', function () {
function next(req, res, next) {
- req._routeWhitelists.req = ['routeLevelAddedProperty'];
- req._routeWhitelists.res = ['routeLevelAddedProperty'];
+ req._routeAllowlists.req = ['routeLevelAddedProperty'];
+ req._routeAllowlists.res = ['routeLevelAddedProperty'];
res.end('{ "message": "Hi! I\'m a chunk!" }');
}
@@ -521,7 +521,7 @@ describe('express-winston', function () {
url: '/hello',
},
res: {
- nonWhitelistedProperty: 'value that should not be logged',
+ nonAllowlistedProperty: 'value that should not be logged',
routeLevelAddedProperty: 'value that should be logged'
},
transportOptions: {
@@ -533,64 +533,64 @@ describe('express-winston', function () {
});
});
- it('should use the exported requestWhitelist', function () {
- var originalWhitelist = expressWinston.requestWhitelist;
- expressWinston.requestWhitelist = ['foo'];
+ it('should use the exported requestAllowlist', function () {
+ var originalAllowlist = expressWinston.requestAllowlist;
+ expressWinston.requestAllowlist = ['foo'];
var options = {
req: { foo: 'bar' }
};
return loggerTestHelper(options).then(function (result) {
// Return to the original value for later tests
- expressWinston.requestWhitelist = originalWhitelist;
+ expressWinston.requestAllowlist = originalAllowlist;
result.log.meta.req.should.have.property('foo');
result.log.meta.req.should.not.have.property('url');
});
});
- it('should use the exported bodyWhitelist', function () {
- var originalWhitelist = expressWinston.bodyWhitelist;
- expressWinston.bodyWhitelist = ['foo'];
+ it('should use the exported bodyAllowlist', function () {
+ var originalAllowlist = expressWinston.bodyAllowlist;
+ expressWinston.bodyAllowlist = ['foo'];
var options = {
req: { body: { foo: 'bar', baz: 'qux' } }
};
return loggerTestHelper(options).then(function (result) {
// Return to the original value for later tests
- expressWinston.bodyWhitelist = originalWhitelist;
+ expressWinston.bodyAllowlist = originalAllowlist;
result.log.meta.req.body.should.have.property('foo');
result.log.meta.req.body.should.not.have.property('baz');
});
});
- it('should use the exported bodyBlacklist', function () {
- var originalBlacklist = expressWinston.bodyBlacklist;
- expressWinston.bodyBlacklist = ['foo'];
+ it('should use the exported bodyDenylist', function () {
+ var originalDenylist = expressWinston.bodyDenylist;
+ expressWinston.bodyDenylist = ['foo'];
var options = {
req: { body: { foo: 'bar', baz: 'qux' } }
};
return loggerTestHelper(options).then(function (result) {
// Return to the original value for later tests
- expressWinston.bodyBlacklist = originalBlacklist;
+ expressWinston.bodyDenylist = originalDenylist;
result.log.meta.req.body.should.not.have.property('foo');
result.log.meta.req.body.should.have.property('baz');
});
});
- it('should use the exported responseWhitelist', function () {
- var originalWhitelist = expressWinston.responseWhitelist;
- expressWinston.responseWhitelist = ['foo'];
+ it('should use the exported responseAllowlist', function () {
+ var originalAllowlist = expressWinston.responseAllowlist;
+ expressWinston.responseAllowlist = ['foo'];
var options = {
res: { foo: 'bar', baz: 'qux' }
};
return loggerTestHelper(options).then(function (result) {
// Return to the original value for later tests
- expressWinston.responseWhitelist = originalWhitelist;
+ expressWinston.responseAllowlist = originalAllowlist;
result.log.meta.res.should.have.property('foo');
result.log.meta.res.should.not.have.property('baz');
@@ -667,11 +667,11 @@ describe('express-winston', function () {
function next(req, res, next) {
req._startTime = (new Date()) - 125;
- req._routeWhitelists.req = ['routeLevelAddedProperty'];
- req._routeWhitelists.res = ['routeLevelAddedProperty'];
+ req._routeAllowlists.req = ['routeLevelAddedProperty'];
+ req._routeAllowlists.res = ['routeLevelAddedProperty'];
- req._routeWhitelists.body = ['username'];
- req._routeBlacklists.body = ['age'];
+ req._routeAllowlists.body = ['username'];
+ req._routeDenylists.body = ['age'];
res.end('{ "message": "Hi! I\'m a chunk!" }');
}
@@ -688,7 +688,7 @@ describe('express-winston', function () {
routeLevelAddedProperty: 'value that should be logged'
},
res: {
- nonWhitelistedProperty: 'value that should not be logged',
+ nonAllowlistedProperty: 'value that should not be logged',
routeLevelAddedProperty: 'value that should be logged'
},
};
@@ -719,7 +719,7 @@ describe('express-winston', function () {
result.log.meta.res.statusCode.should.eql(200);
result.log.meta.res.routeLevelAddedProperty.should.be.ok();
- result.log.meta.res.should.not.have.property('nonWhitelistedProperty');
+ result.log.meta.res.should.not.have.property('nonAllowlistedProperty');
});
});
@@ -774,7 +774,7 @@ describe('express-winston', function () {
{
responseField: 'httpRequest',
requestField: 'httpRequest',
- responseWhitelist: [...expressWinston.responseWhitelist, 'responseTime']
+ responseAllowlist: [...expressWinston.responseAllowlist, 'responseTime']
}
})
.then(function (result) {
@@ -1255,8 +1255,8 @@ describe('express-winston', function () {
});
});
- describe('headerBlacklist option', function () {
- it('should default to global defaultHeaderBlackList', function () {
+ describe('headerDenylist option', function () {
+ it('should default to global defaultHeaderDenyList', function () {
return loggerTestHelper().then(function (result) {
result.log.meta.req.headers.should.have.property('header-1');
result.log.meta.req.headers.should.have.property('header-2');
@@ -1264,10 +1264,10 @@ describe('express-winston', function () {
});
});
- it('should use specified headerBlackList', function () {
+ it('should use specified headerDenyList', function () {
var options = {
loggerOptions: {
- headerBlacklist: ['header-1', 'Header-3']
+ headerDenylist: ['header-1', 'Header-3']
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1277,11 +1277,11 @@ describe('express-winston', function () {
});
});
- it('should not use specified headerBlackList since the requestWhiteList is empty', function () {
+ it('should not use specified headerDenyList since the requestAllowList is empty', function () {
var options = {
loggerOptions: {
- requestWhitelist: ['url'],
- headerBlacklist: ['header-1']
+ requestAllowlist: ['url'],
+ headerDenylist: ['header-1']
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1289,14 +1289,14 @@ describe('express-winston', function () {
});
});
- it('should not headerBlackList but since a requestFilter is set', function () {
+ it('should not headerDenyList but since a requestFilter is set', function () {
const customRequestFilter = (req, propName) => {
return (propName !== 'headers') ? req[propName] : undefined;
};
var options = {
loggerOptions: {
requestFilter: customRequestFilter,
- headerBlacklist: ['header-1']
+ headerDenylist: ['header-1']
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1305,8 +1305,8 @@ describe('express-winston', function () {
});
});
- describe('requestWhitelist option', function () {
- it('should default to global requestWhitelist', function () {
+ describe('requestAllowlist option', function () {
+ it('should default to global requestAllowlist', function () {
var options = {
req: { foo: 'bar' }
};
@@ -1315,11 +1315,11 @@ describe('express-winston', function () {
});
});
- it('should use specified requestWhitelist', function () {
+ it('should use specified requestAllowlist', function () {
var options = {
req: { foo: 'bar' },
loggerOptions: {
- requestWhitelist: ['foo']
+ requestAllowlist: ['foo']
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1328,10 +1328,10 @@ describe('express-winston', function () {
});
});
- it('should not include a req in the log when there is no request whitelist', function () {
+ it('should not include a req in the log when there is no request allowlist', function () {
var options = {
loggerOptions: {
- requestWhitelist: [],
+ requestAllowlist: [],
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1340,12 +1340,12 @@ describe('express-winston', function () {
});
});
- describe('bodyBlacklist option', function () {
- it('should remove the body if it is requestWhitelisted and the bodyBlacklist removes all properties', function () {
+ describe('bodyDenylist option', function () {
+ it('should remove the body if it is requestAllowlisted and the bodyDenylist removes all properties', function () {
var options = {
loggerOptions: {
- bodyBlacklist: ['foo', 'baz'],
- requestWhitelist: ['body'],
+ bodyDenylist: ['foo', 'baz'],
+ requestAllowlist: ['body'],
},
req: {
body: { foo: 'bar', baz: 'qux' }
@@ -1357,8 +1357,8 @@ describe('express-winston', function () {
});
});
- describe('responseWhitelist option', function () {
- it('should default to global responseWhitelist', function () {
+ describe('responseAllowlist option', function () {
+ it('should default to global responseAllowlist', function () {
var options = {
res: { foo: 'bar' }
};
@@ -1367,11 +1367,11 @@ describe('express-winston', function () {
});
});
- it('should use specified responseWhitelist', function () {
+ it('should use specified responseAllowlist', function () {
var options = {
res: { foo: 'bar' },
loggerOptions: {
- responseWhitelist: ['foo']
+ responseAllowlist: ['foo']
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1380,11 +1380,11 @@ describe('express-winston', function () {
});
});
- it('should work with nested responseWhitelist', function () {
+ it('should work with nested responseAllowlist', function () {
var options = {
res: {foo: {test: "bar"}},
loggerOptions: {
- responseWhitelist: ['foo.test']
+ responseAllowlist: ['foo.test']
}
};
return loggerTestHelper(options).then(function (result) {
@@ -1509,7 +1509,7 @@ describe('express-winston', function () {
});
});
- describe('allowFilterOutWhitelistedRequestBody option', function() {
+ describe('allowFilterOutAllowlistedRequestBody option', function() {
const removeRequestBodyFilter = (req, propName) => {
return (propName !== 'body') ? req[propName] : undefined;
};
@@ -1520,48 +1520,48 @@ describe('express-winston', function () {
}
},
loggerOptions: {
- requestWhitelist: ['body', 'url'],
+ requestAllowlist: ['body', 'url'],
requestFilter: removeRequestBodyFilter
}
};
- it('should not filter out request whitelisted body using requestFilter when option missing', function() {
+ it('should not filter out request allowlisted body using requestFilter when option missing', function() {
return loggerTestHelper(options).then(function (result) {
result.log.meta.req.should.have.property('body');
});
});
- it('should filter out request whitelisted body using requestFilter when option exists', function() {
- return loggerTestHelper(_.extend(options, { loggerOptions: _.extend(options.loggerOptions, { allowFilterOutWhitelistedRequestBody: true }) })).then(function (result) {
+ it('should filter out request allowlisted body using requestFilter when option exists', function() {
+ return loggerTestHelper(_.extend(options, { loggerOptions: _.extend(options.loggerOptions, { allowFilterOutAllowlistedRequestBody: true }) })).then(function (result) {
result.log.meta.req.should.not.have.property('body');
});
});
});
});
- describe('.requestWhitelist', function () {
- it('should be an array with all the properties whitelisted in the req object', function () {
- expressWinston.requestWhitelist.should.be.an.Array();
+ describe('.requestAllowlist', function () {
+ it('should be an array with all the properties allowlisted in the req object', function () {
+ expressWinston.requestAllowlist.should.be.an.Array();
});
});
- describe('.bodyWhitelist', function () {
- it('should be an array with all the properties whitelisted in the body object', function () {
- expressWinston.bodyWhitelist.should.be.an.Array();
+ describe('.bodyAllowlist', function () {
+ it('should be an array with all the properties allowlisted in the body object', function () {
+ expressWinston.bodyAllowlist.should.be.an.Array();
});
});
- describe('.bodyBlacklist', function () {
+ describe('.bodyDenylist', function () {
});
- describe('.responseWhitelist', function () {
- it('should be an array with all the properties whitelisted in the res object', function () {
- expressWinston.responseWhitelist.should.be.an.Array();
+ describe('.responseAllowlist', function () {
+ it('should be an array with all the properties allowlisted in the res object', function () {
+ expressWinston.responseAllowlist.should.be.an.Array();
});
});
- describe('.defaultHeaderBlacklist', function () {
+ describe('.defaultHeaderDenylist', function () {
it('should be an array with all the header which are prevented to be logged', function () {
- expressWinston.defaultHeaderBlacklist.should.be.an.Array();
+ expressWinston.defaultHeaderDenylist.should.be.an.Array();
});
});