maskAndFetchJSON() - Exception in masking JSONPath

Hello everyone,

We're having some issue with the datamasking feature.

There's some exceptions inside the logs :

2019-05-14 10:39:41,125 org:XXX env:XXX api:XXX rev:XXX messageid:XXX  NIOThread@0 WARN  DEBUG.MASK - DebugMaskDataUtil.maskAndFetchJSON() : Exception in masking JSONPath : $.[*].field0 for Payload : {
  "field1": "value1",
  "field2": "value2",
  "field3": "value3",
  "field4": "value4"
} Session : XXX MaskConfigXpaths : [$.field0, $.[*].field0, $.field2, $.[*].field2, $.field4, $.[*].field4]

Here's our datamask :

{
    "jSONPathsRequest": [
        "$.field1",
        "$.[*].field1",
        "$.field2",
        "$.[*].field2",
        "$.field3",
        "$.[*].field3",
        "$.field4",
        "$.[*].field4",
        "$.field5",
        "$.[*].field5",
        "$.field6",
        "$.[*].field6",
        "$.field7",
        "$.[*].field7"
    ],
    "jSONPathsResponse": [
        "$.field1",
        "$.[*].field1",
        "$.field2",
        "$.[*].field2",
        "$.field3",
        "$.[*].field3",
        "$.field4",
        "$.[*].field4",
        "$.field5",
        "$.[*].field5",
        "$.field6",
        "$.[*].field6",
        "$.field7",
        "$.[*].field7"
    ],
    "name": "default",
    "variables": [
        "request.header.field1",
        "request.formparam.field1",
        "response.header.field1",
        "response.formparam.field1",
        "message.header.field1",
        "message.formparam.field1",
        "request.header.field2",
        "request.formparam.field2",
        "response.header.field2",
        "response.formparam.field2",
        "message.header.field2",
        "message.formparam.field2",
        "request.header.field3",
        "request.formparam.field3",
        "response.header.field3",
        "response.formparam.field3",
        "message.header.field3",
        "message.formparam.field3",
        "request.header.field4",
        "request.formparam.field4",
        "response.header.field4",
        "response.formparam.field4",
        "message.header.field4",
        "message.formparam.field4",
        "request.header.field5",
        "request.formparam.field5",
        "response.header.field5",
        "response.formparam.field5",
        "message.header.field5",
        "message.formparam.field5",
        "request.header.field6",
        "request.formparam.field6",
        "response.header.field6",
        "response.formparam.field6",
        "message.header.field6",
        "message.formparam.field6",
        "request.header.field7",
        "request.formparam.field7",
        "response.header.field7",
        "response.formparam.field7",
        "message.header.field7",
        "message.formparam.field7"
    ],
    "xPathsRequest": [
        "//field1",
        "//field2",
        "//field3",
        "//field4",
        "//field5",
        "//field6",
        "//field7"
    ],
    "xPathsResponse": [
        "//field1",
        "//field2",
        "//field3",
        "//field4",
        "//field5",
        "//field6",
        "//field7"
    ]
}

We've tried with the JSONPath syntax $..field1 too and we get the same type of exception.

1 5 182
5 REPLIES 5

the logs tell you there is an Exception.

Do the logs tell you anything else? What KIND of exception?

Can you give any more context about this?

Does the masking actually work as expected? If not,

  • what results are you expecting to see?
  • what results are you actually seeing?

The logs don't tell anything else. Not even the kind of exception.

This happen we start a trace. The masking seems to work as intended.

I'm familiar with the operation of the JSONPath library that is used here. If the path specified in the jsonpath does not exist in the payload, the jsonpath library throws an exception. You've got a number of paths there that don't exist in your particular payload, so I suspect the exception is resulting from that.

It seems like a bug in observability. The exception is normal, and should not be reported in the logs under normal circumstances. Unless you have DEBUG on, we wouldn't want that exception noted.

I've filed a defect to fix the logging behavior.

reference # b/132691955.

Actually this datamask is applied on all of our organizations to hide sensitive data that may not be in the payload so I think you may be right 🙂 thank you for your time and reactivity !

:thumbs up: