Skip to main content

Hide Sensitive Data

Learn how you can prevent sensitive test data from appearing in the Automate logs.

Some tests that work with user data might include sensitive information, such as email ID, user names, etc. Based on the commands that you use, the Text Logs or the Raw Logs that are generated might expose this sensitive data.

This guide shows you how to mask sensitive data appearing in Text Logs or the Raw Logs using the browserstack.maskCommands capability.

Important: It is recommended that you disable the Playwright logs since the browserstack.maskCommands capability masks only the sensitive data from Text & Raw Logs. The sensitive information from Playwright Logs remains unmasked.

Use the browserstack.maskCommands capability

Use the code snippet to set the browserstack.maskCommands capability. You can pass multiple supported commands in a single array, separated by commas as follows:

capabilities['browserstack.maskCommands'] = 'sendType, sendPress, setHTTPCredentials, setStorageState, setGeolocation'

The browserstack.maskCommands capability masks data that you send to or retrieve from the remote browsers through the following commands. For example, when you set value as sendType, BrowserStack masks sensitive data sent through any .type command in your script:

Capability BrowserStack command Example Playwright command
browserstack.maskCommands sendType
Masks the type method of the ElementHandle and Locator class.
await element.type('Browserstack');
  sendPress
Masks the press method of the ElementHandle and Locator class.
await element.press('Enter');
  setHTTPCredentials
Masks the HTTP credentials parameter in the newContext and newPage method of the browser class.
await browser.newContext({httpCredentials: { username: "admin", password: "admin" }})
  setStorageState
Masks the storage state parameter in the newContext and newPage method of the browser class.
await browser.newContext({storageState: 'state.json'})
  setGeolocation
Masks the Geolocation parameter in the newContext and newPage method of the browser class.
await browser.newContext({geolocation: { longitude: -118.242766, latitude: 34.0536909 }})

View test results

After you run your test, visit the Automate dashboard to view your test results.

When the browserstack.maskCommands capability is used for the supported commands, all requested commands are replaced with REDACTED VALUE in your Text Logs or the Raw Logs. Image of logs where sendkeys input is shown as redacted

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked






Thank you for your valuable feedback

Is this page helping you?

Yes
No

We're sorry to hear that. Please share your feedback so we can do better

Contact our Support team for immediate help while we work on improving our docs.

We're continuously improving our docs. We'd love to know what you liked






Thank you for your valuable feedback!

Talk to an Expert
Talk to an Expert