MASK
".revdebug.json
configuration file.mask
- A regular expression which specifies what variable / parameter / attribute names are to be masked (not recorded). This is intended to hide things like passwords and other secrets. Default is /^#?(?:pwd|.*password.*)$/i
which will match the standalone name pwd
as well as any name which contains the string password
, case insensitive. Notice that the #
character is included for possible private class attributes, this must be specified explicitly. Also remember to specify the beginning and end of input assertions ^
and $
in order to match a whole identifier instead of just searching through it for a substring (unless that is what you want to do). The masking is done both at compile-time for the majority of variable names but can also be done at runtime for property names of objects. The runtime masking can cause a slowdown on the code execution and so it may be enabled / disabled with the runtime option maskProps
(boolean value).maskProps
- a true/false switch enabling variable values masking for objects properties at runtime (defaults to false
)./* revdmask */
comment directive. Placed before a variable access which would normally show the value of that variable it will suppress such display. This is intended to hide user passwords and other secrets you may not want someone who is reverse debugging to see. These directives are only positional and don't attach themselves to the variable. That means that if you mask the variable in one place in the source but not in another then it will be visible in that second location unless you mask it there as well.screen: true
" option is used in revdebug.json
configuration file RevDeBug will record last seconds of user interation with the web page to be available with the associated source code execution recording. To exclude parts of the website elements from being recorded at all you need to provide a css class name in the revdebug.json
configuration file that you'll use to mark the web page elements for the exclusion.blockClass
' option in a "screenOptions"
section of revdebug.json
file, eg:rdb_block
" in the example above) to your web site elements - after next RevDeBug instrumentation they will stop being recorded and will be replaced with a placeholder of the same dimensions. Or you can specify the name of a class which already exists in your project and all elements with that class will be blocked. If you need to specify a regular expression to match multiple css classes the string needs to starts with a /
character, eg. /^secret-.*/i
will match all classes starting with "secret-
" case insensitive (the "i
" flag at the end).revdoff
(and revdon
respectively for the reverse), and revderr
for a hybrid approach where most of the code is not recorded but thrown exceptions are - this helps with exception localization for code excluded from recording (modern JavaScript runtimes do not suffer any performance penalty when revderr
is used).function something() {"revdoff";// code in this function will not be recorded}
revdon
. In order to be able to enable recording, the recording mode must be revderr
due to the required function and program entry and exit code which is needed but not present in revdoff
mode./* revdon */
or /* revderr */
or /* revdoff */
comment. The comment may be a block /* */
or line //
comment. These are not perfect though since they are evaluated on entry to a node during a walk of the AST of the program. This means that they won't work at a very granular level like an individual variable in a destructured assignment, mostly they are meant for individual statements, expressions or blocks.