feat(ai): add security preferences management to AI settings (#8453)

This commit is contained in:
naman-bruno
2026-07-02 14:42:48 +05:30
committed by GitHub
parent 022426a3ab
commit 408aef9eef
14 changed files with 734 additions and 66 deletions

View File

@@ -0,0 +1,255 @@
import { useState } from 'react';
import { IconPlus, IconTrash } from '@tabler/icons';
import ToggleSwitch from 'components/ToggleSwitch';
const BUILT_IN_HEADER_EXAMPLES = [
'Authorization',
'Proxy-Authorization',
'Cookie',
'Set-Cookie',
'X-API-Key',
'X-Auth-Token',
'X-Access-Token',
'X-CSRF-Token'
];
const normalize = (raw) => String(raw || '').trim();
/**
* Compact editor for a case-insensitive name list. Used for both custom
* header names and custom variable names — the shape is identical.
*/
const CHIP_MAX_LENGTH = 200;
const CHIP_MAX_COUNT = 200;
const ChipListEditor = ({ list, placeholder, onChange, addTestId, inputTestId, removeTestIdPrefix }) => {
const [draft, setDraft] = useState('');
const values = Array.isArray(list) ? list : [];
const atCapacity = values.length >= CHIP_MAX_COUNT;
const handleAdd = () => {
const value = normalize(draft);
if (!value || value.length > CHIP_MAX_LENGTH || atCapacity) return;
if (values.some((v) => v.toLowerCase() === value.toLowerCase())) {
setDraft('');
return;
}
onChange([...values, value]);
setDraft('');
};
const handleRemove = (name) => {
onChange(values.filter((v) => v !== name));
};
const handleKeyDown = (e) => {
if (e.key === 'Enter') {
e.preventDefault();
handleAdd();
}
};
const trimmedDraft = normalize(draft);
const draftTooLong = trimmedDraft.length > CHIP_MAX_LENGTH;
const addDisabled = !trimmedDraft || draftTooLong || atCapacity;
return (
<>
<div className="security-add-row flex items-center gap-2">
<input
type="text"
className="security-input flex-1"
placeholder={placeholder}
value={draft}
maxLength={CHIP_MAX_LENGTH}
onChange={(e) => setDraft(e.target.value)}
onKeyDown={handleKeyDown}
disabled={atCapacity}
data-testid={inputTestId}
/>
<button
type="button"
className="security-add-btn inline-flex items-center gap-1 text-[11px] font-medium"
onClick={handleAdd}
disabled={addDisabled}
data-testid={addTestId}
>
<IconPlus size={13} strokeWidth={1.75} />
Add
</button>
</div>
{atCapacity && (
<span className="security-sub text-[10.5px]">
Reached the {CHIP_MAX_COUNT}-entry limit. Remove one to add another.
</span>
)}
{values.length > 0 && (
<ul className="security-chip-list flex flex-wrap gap-1.5">
{values.map((name) => (
<li key={name} className="security-chip inline-flex items-center gap-1">
<span className="security-chip-text">{name}</span>
<button
type="button"
className="security-chip-remove"
onClick={() => handleRemove(name)}
aria-label={`Remove ${name}`}
data-testid={removeTestIdPrefix ? `${removeTestIdPrefix}-${name}` : undefined}
>
<IconTrash size={11} strokeWidth={1.75} />
</button>
</li>
))}
</ul>
)}
</>
);
};
const SecurityPane = ({
aiEnabled,
redactHeaders,
redactBody,
redactVariables,
redactResponse,
customRedactedHeaders,
customRedactedVariables,
onToggleRedactHeaders,
onToggleRedactBody,
onToggleRedactVariables,
onToggleRedactResponse,
onChangeCustomRedactedHeaders,
onChangeCustomRedactedVariables
}) => {
if (!aiEnabled) {
return (
<div className="security-tab flex flex-col gap-3">
<div className="ai-empty-notice px-3.5 py-3 text-xs">
Turn on AI in the Configuration tab to configure redaction.
</div>
</div>
);
}
return (
<div className="security-tab flex flex-col gap-3">
<div className="ai-empty-notice px-3.5 py-3 text-xs">
Bruno strips sensitive values from the context it sends to AI providers. Toggle any check off if it gets in the way, or extend the lists below.
</div>
<div className="security-card">
<div className="security-row flex items-center justify-between gap-3 px-3.5 py-3">
<div className="flex flex-col gap-0.5 min-w-0">
<span className="text-[12.5px] font-semibold">Redact sensitive header values</span>
<span className="security-sub text-[11px]">
Masks Authorization, cookies, API keys, and other credential-bearing headers in the request context.
</span>
</div>
<ToggleSwitch
size="m"
isOn={redactHeaders}
handleToggle={() => onToggleRedactHeaders(!redactHeaders)}
data-testid="ai-security-headers-toggle"
/>
</div>
<div className="security-row flex items-center justify-between gap-3 px-3.5 py-3">
<div className="flex flex-col gap-0.5 min-w-0">
<span className="text-[12.5px] font-semibold">Redact sensitive body keys</span>
<span className="security-sub text-[11px]">
Masks values under keys like <code>password</code>, <code>*_token</code>, <code>secret</code> in JSON and GraphQL variables. Structure and non-sensitive fields still pass through.
</span>
</div>
<ToggleSwitch
size="m"
isOn={redactBody}
handleToggle={() => onToggleRedactBody(!redactBody)}
data-testid="ai-security-body-toggle"
/>
</div>
<div className="security-row flex items-center justify-between gap-3 px-3.5 py-3">
<div className="flex flex-col gap-0.5 min-w-0">
<span className="text-[12.5px] font-semibold">Redact response values</span>
<span className="security-sub text-[11px]">
Sends the response as a shape only real values replaced with type placeholders (<code>&lt;string&gt;</code>, <code>&lt;number&gt;</code>). Turn off to send the actual response body.
</span>
</div>
<ToggleSwitch
size="m"
isOn={redactResponse}
handleToggle={() => onToggleRedactResponse(!redactResponse)}
data-testid="ai-security-response-toggle"
/>
</div>
<div className="security-row flex items-center justify-between gap-3 px-3.5 py-3">
<div className="flex flex-col gap-0.5 min-w-0">
<span className="text-[12.5px] font-semibold">Redact secret variable values</span>
<span className="security-sub text-[11px]">
Masks values whose names look like secrets. Variables explicitly marked <em>secret</em> are always redacted regardless of this switch.
</span>
</div>
<ToggleSwitch
size="m"
isOn={redactVariables}
handleToggle={() => onToggleRedactVariables(!redactVariables)}
data-testid="ai-security-variables-toggle"
/>
</div>
</div>
<div className="security-card">
<div className="security-row flex flex-col gap-2 px-3.5 py-3">
<div className="flex flex-col gap-0.5">
<span className="text-[12.5px] font-semibold">Custom redacted headers</span>
<span className="security-sub text-[11px]">
Exact, case-insensitive header names to always mask on top of the built-in list.
</span>
</div>
<ChipListEditor
list={customRedactedHeaders}
placeholder="X-Custom-Token"
onChange={onChangeCustomRedactedHeaders}
inputTestId="ai-security-custom-header-input"
addTestId="ai-security-custom-header-add"
removeTestIdPrefix="ai-security-custom-header-remove"
/>
</div>
<div className="security-row flex flex-col gap-2 px-3.5 py-3">
<div className="flex flex-col gap-0.5">
<span className="text-[12.5px] font-semibold">Custom redacted variables</span>
<span className="security-sub text-[11px]">
Variable names whose values should always be masked when Bruno lists them for the model for anything you want redacted besides values already flagged as <em>secret</em>.
</span>
</div>
<ChipListEditor
list={customRedactedVariables}
placeholder="MY_SESSION_TOKEN"
onChange={onChangeCustomRedactedVariables}
inputTestId="ai-security-custom-var-input"
addTestId="ai-security-custom-var-add"
removeTestIdPrefix="ai-security-custom-var-remove"
/>
</div>
<div className="security-row flex flex-col gap-1 px-3.5 py-3">
<span className="text-[11px] font-medium security-sub">Already covered by default</span>
<div className="security-builtin flex flex-wrap gap-1.5">
{BUILT_IN_HEADER_EXAMPLES.map((name) => (
<span key={name} className="security-builtin-chip">{name}</span>
))}
<span className="security-builtin-more text-[10.5px]">
plus any name matching <code>token</code>, <code>secret</code>, <code>password</code>, or <code>api_key</code>.
</span>
</div>
</div>
</div>
</div>
);
};
export default SecurityPane;

View File

@@ -466,6 +466,118 @@ const StyledWrapper = styled.div`
}
}
.security-card {
border: 1px solid ${(props) => props.theme.input.border};
border-radius: ${(props) => props.theme.border.radius.md};
background: ${(props) => props.theme.input.bg};
}
.security-sub {
color: ${(props) => props.theme.colors.text.muted};
code {
font-family: ${(props) => props.theme.font.monospace || 'monospace'};
color: ${(props) => props.theme.text};
}
}
.security-row + .security-row {
border-top: 1px dashed ${(props) => props.theme.input.border};
}
.security-input {
padding: 5px 8px;
font-size: 12px;
font-family: ${(props) => props.theme.font.monospace || 'monospace'};
border-radius: ${(props) => props.theme.border.radius.sm};
border: 1px solid ${(props) => props.theme.input.border};
background: ${(props) => props.theme.bg};
color: ${(props) => props.theme.text};
&::placeholder {
color: ${(props) => props.theme.colors.text.muted};
opacity: 0.7;
}
&:focus {
outline: none;
border-color: ${(props) => props.theme.input.focusBorder};
}
}
.security-add-btn {
color: ${(props) => props.theme.colors.text.muted};
background: transparent;
border: 1px solid ${(props) => props.theme.input.border};
border-radius: ${(props) => props.theme.border.radius.sm};
padding: 4px 10px;
cursor: pointer;
transition: color 0.15s ease, border-color 0.15s ease;
&:hover:not(:disabled) {
color: ${(props) => props.theme.text};
border-color: ${(props) => props.theme.colors.accent}80;
}
&:disabled {
opacity: 0.5;
cursor: not-allowed;
}
}
.security-chip-list {
list-style: none;
padding: 0;
margin: 0;
}
.security-chip {
padding: 3px 4px 3px 8px;
font-size: 11px;
font-family: ${(props) => props.theme.font.monospace || 'monospace'};
border: 1px solid ${(props) => props.theme.input.border};
border-radius: ${(props) => props.theme.border.radius.sm};
background: ${(props) => props.theme.bg};
color: ${(props) => props.theme.text};
}
.security-chip-remove {
display: inline-flex;
align-items: center;
justify-content: center;
padding: 2px;
border: none;
background: transparent;
color: ${(props) => props.theme.colors.text.muted};
cursor: pointer;
border-radius: ${(props) => props.theme.border.radius.sm};
transition: color 0.15s ease, background-color 0.15s ease;
&:hover {
color: ${(props) => props.theme.colors.text.danger};
background: ${(props) => props.theme.colors.bg.danger}15;
}
}
.security-builtin-chip {
padding: 2px 7px;
font-size: 10.5px;
font-family: ${(props) => props.theme.font.monospace || 'monospace'};
color: ${(props) => props.theme.colors.text.muted};
border: 1px dashed ${(props) => props.theme.input.border};
border-radius: ${(props) => props.theme.border.radius.sm};
}
.security-builtin-more {
color: ${(props) => props.theme.colors.text.muted};
align-self: center;
code {
font-family: ${(props) => props.theme.font.monospace || 'monospace'};
color: ${(props) => props.theme.text};
}
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }

View File

@@ -6,13 +6,14 @@ import { useFormik } from 'formik';
import { useDispatch, useSelector } from 'react-redux';
import * as Yup from 'yup';
import toast from 'react-hot-toast';
import { IconPlus, IconSettings, IconTerminal2 } from '@tabler/icons';
import { IconPlus, IconSettings, IconShieldLock, IconTerminal2 } from '@tabler/icons';
import { savePreferences } from 'providers/ReduxStore/slices/app';
import ToggleSwitch from 'components/ToggleSwitch';
import { clearAiApiKey, getAiStatus } from 'utils/ai';
import ProviderCard from './ProviderCard';
import CompatEndpointCard from './CompatEndpointCard';
import AutocompletePane from './AutocompletePane';
import SecurityPane from './SecurityPane';
import StyledWrapper from './StyledWrapper';
const OPENAI_COMPATIBLE_PREFIX = 'openai-compatible:';
@@ -41,6 +42,14 @@ const aiPreferencesSchema = Yup.object().shape({
enabled: Yup.boolean(),
model: Yup.string().max(200).nullable(),
triggerMode: Yup.string().oneOf(['aggressive', 'debounced', 'manual']).nullable()
}),
security: Yup.object().shape({
redactHeaders: Yup.boolean(),
redactBody: Yup.boolean(),
redactVariables: Yup.boolean(),
redactResponse: Yup.boolean(),
customRedactedHeaders: Yup.array().of(Yup.string().max(200)).max(200),
customRedactedVariables: Yup.array().of(Yup.string().max(200)).max(200)
})
});
@@ -69,6 +78,12 @@ const AI = () => {
const formik = useFormik({
enableReinitialize: true,
// Skip per-change validation — every toggle would otherwise re-run the
// full nested schema (arrays of endpoints × models × …), which adds tens
// of ms of blocking work per click. debouncedSave already validates via
// `aiPreferencesSchema.validate` right before persisting.
validateOnChange: false,
validateOnBlur: false,
initialValues: {
enabled: get(preferences, 'ai.enabled', false),
providers: providerIds.reduce((acc, id) => {
@@ -82,6 +97,14 @@ const AI = () => {
enabled: get(preferences, 'ai.autocomplete.enabled', true),
model: get(preferences, 'ai.autocomplete.model', ''),
triggerMode: get(preferences, 'ai.autocomplete.triggerMode', 'debounced')
},
security: {
redactHeaders: get(preferences, 'ai.security.redactHeaders', true),
redactBody: get(preferences, 'ai.security.redactBody', true),
redactVariables: get(preferences, 'ai.security.redactVariables', true),
redactResponse: get(preferences, 'ai.security.redactResponse', true),
customRedactedHeaders: get(preferences, 'ai.security.customRedactedHeaders', []),
customRedactedVariables: get(preferences, 'ai.security.customRedactedVariables', [])
}
},
validationSchema: aiPreferencesSchema,
@@ -103,6 +126,18 @@ const AI = () => {
enabled: values.autocomplete?.enabled !== false,
model: values.autocomplete?.model || '',
triggerMode: values.autocomplete?.triggerMode || 'debounced'
},
security: {
redactHeaders: values.security?.redactHeaders !== false,
redactBody: values.security?.redactBody !== false,
redactVariables: values.security?.redactVariables !== false,
redactResponse: values.security?.redactResponse !== false,
customRedactedHeaders: Array.isArray(values.security?.customRedactedHeaders)
? values.security.customRedactedHeaders
: [],
customRedactedVariables: Array.isArray(values.security?.customRedactedVariables)
? values.security.customRedactedVariables
: []
}
}
})
@@ -270,6 +305,17 @@ const AI = () => {
<IconTerminal2 size={14} strokeWidth={1.5} />
Autocomplete
</button>
<button
type="button"
role="tab"
aria-selected={activeTab === 'security'}
className={`ai-tab ${activeTab === 'security' ? 'active' : ''}`}
onClick={() => setActiveTab('security')}
data-testid="ai-tab-security"
>
<IconShieldLock size={14} strokeWidth={1.5} />
Security
</button>
</div>
{statusError && (
@@ -430,6 +476,26 @@ const AI = () => {
/>
</div>
)}
{activeTab === 'security' && (
<div className="ai-tab-panel" role="tabpanel">
<SecurityPane
aiEnabled={formik.values.enabled}
redactHeaders={formik.values.security?.redactHeaders !== false}
redactBody={formik.values.security?.redactBody !== false}
redactVariables={formik.values.security?.redactVariables !== false}
redactResponse={formik.values.security?.redactResponse !== false}
customRedactedHeaders={formik.values.security?.customRedactedHeaders || []}
customRedactedVariables={formik.values.security?.customRedactedVariables || []}
onToggleRedactHeaders={(next) => formik.setFieldValue('security.redactHeaders', next)}
onToggleRedactBody={(next) => formik.setFieldValue('security.redactBody', next)}
onToggleRedactVariables={(next) => formik.setFieldValue('security.redactVariables', next)}
onToggleRedactResponse={(next) => formik.setFieldValue('security.redactResponse', next)}
onChangeCustomRedactedHeaders={(next) => formik.setFieldValue('security.customRedactedHeaders', next)}
onChangeCustomRedactedVariables={(next) => formik.setFieldValue('security.customRedactedVariables', next)}
/>
</div>
)}
</StyledWrapper>
);
};

View File

@@ -52,7 +52,7 @@ export const Label = styled.label`
height: 100%;
background-color: ${(props) => props.theme.colors.text.muted};
border-radius: 24px;
transition: transform 0.2s;
transition: transform 0.1s ease-out, background-color 0.1s ease-out;
}
`;
@@ -63,7 +63,7 @@ export const Inner = styled.div`
right: 2px;
bottom: 2px;
background-color: #fafafa;
transition: 0.4s;
transition: background-color 0.1s ease-out;
border-radius: ${(props) => getSizeValues(props.size).height - 2}px;
`;
@@ -74,7 +74,7 @@ export const SwitchButton = styled.div`
left: 2px;
bottom: 2px;
background-color: white;
transition: 0.4s;
transition: transform 0.1s ease-out;
border-radius: 50%;
&:before {
@@ -85,7 +85,7 @@ export const SwitchButton = styled.div`
background-color: white;
top: 2px;
left: 2px;
transition: 0.4s;
transition: transform 0.1s ease-out;
border-radius: 50%;
}
`;

View File

@@ -3,9 +3,17 @@ import { Checkbox, Inner, Label, Switch, SwitchButton } from './StyledWrapper';
const ToggleSwitch = ({ isOn, handleToggle, size = 'm', activeColor, ...props }) => {
const id = useId();
return (
<Switch size={size} {...props} onClick={handleToggle}>
<Checkbox checked={isOn} id={id} type="checkbox" size={size} activeColor={activeColor} onChange={() => {}} />
<Switch size={size} {...props}>
<Checkbox
checked={isOn}
id={id}
type="checkbox"
size={size}
activeColor={activeColor}
onChange={handleToggle}
/>
<Label htmlFor={id}>
<Inner size={size} />
<SwitchButton size={size} />

View File

@@ -73,6 +73,14 @@ const initialState = {
enabled: true,
model: '',
triggerMode: 'debounced'
},
security: {
redactHeaders: true,
redactBody: true,
redactVariables: true,
redactResponse: true,
customRedactedHeaders: [],
customRedactedVariables: []
}
}
},
@@ -292,15 +300,18 @@ export const {
} = appSlice.actions;
export const savePreferences = (preferences) => (dispatch, getState) => {
return new Promise((resolve, reject) => {
const { ipcRenderer } = window;
const previous = getState().app.preferences;
dispatch(updatePreferences(preferences));
ipcRenderer
.invoke('renderer:save-preferences', preferences)
.then(() => dispatch(updatePreferences(preferences)))
.then(resolve)
.catch(reject);
});
const { ipcRenderer } = window;
return ipcRenderer
.invoke('renderer:save-preferences', preferences)
.catch((err) => {
if (getState().app.preferences === preferences) {
dispatch(updatePreferences(previous));
}
throw err;
});
};
export const deleteCookiesForDomain = (domain) => (dispatch, getState) => {

View File

@@ -70,8 +70,11 @@ const truncateLinesFromStart = (text, maxLines) => {
return lines.slice(0, maxLines).join('\n');
};
const formatRequestContext = (ctx) => {
const { redactJsonBodyString, buildRedactionPolicy } = require('./context');
const formatRequestContext = (ctx, security) => {
if (!ctx) return '';
const policy = buildRedactionPolicy(security);
const parts = [];
if (ctx.url || ctx.method) {
parts.push(`${ctx.method || 'GET'} ${ctx.url || ''}`.trim());
@@ -85,7 +88,7 @@ const formatRequestContext = (ctx) => {
const body = ctx.body;
if (body && body.mode && body.mode !== 'none') {
let bodyText = '';
if (body.mode === 'json') bodyText = body.json || '';
if (body.mode === 'json') bodyText = redactJsonBodyString(body.json || '', policy);
else if (body.mode === 'text') bodyText = body.text || '';
else if (body.mode === 'xml') bodyText = body.xml || '';
else if (body.mode === 'graphql') bodyText = body.graphql?.query || '';
@@ -118,7 +121,7 @@ const formatSiblingScripts = (siblings) => {
.join('\n\n');
};
const buildUserPrompt = ({ prefix, suffix, scriptType, requestContext, variableNames, siblingScripts }) => {
const buildUserPrompt = ({ prefix, suffix, scriptType, requestContext, variableNames, siblingScripts, security }) => {
// Keep recent context in the prefix (last 80 lines) and a short forward window (30 lines).
// Cloud LLMs can handle more, but trimming keeps latency low and the model focused.
const trimmedPrefix = truncateLines(prefix || '', 80);
@@ -126,7 +129,7 @@ const buildUserPrompt = ({ prefix, suffix, scriptType, requestContext, variableN
const sections = [];
const reqStr = formatRequestContext(requestContext);
const reqStr = formatRequestContext(requestContext, security);
if (reqStr) sections.push(`### Request being scripted\n${reqStr}`);
const varStr = formatVariableNames(variableNames);

View File

@@ -1,6 +1,7 @@
const { ipcMain } = require('electron');
const { streamText, stepCountIs } = require('ai');
const { z } = require('zod');
const { get } = require('lodash');
const { CONTENT_TYPES, TOOL_LABELS, buildSystemPrompt, resolveContentType } = require('./chat-prompts');
const {
formatRequestContext,
@@ -9,6 +10,9 @@ const {
searchVariables,
formatSearchVariablesResult
} = require('./context');
const { getPreferences } = require('../../store/preferences');
const getSecurityPrefs = () => get(getPreferences(), 'ai.security', null);
const activeStreams = new Map();
@@ -20,14 +24,14 @@ const CONTENT_LABELS = {
'docs': 'Documentation'
};
const buildContextMessage = (contentType, allContent, requestContext, variables) => {
const buildContextMessage = (contentType, allContent, requestContext, variables, security) => {
const parts = [];
const ctx = formatRequestContext(requestContext, { includeResponse: true });
const ctx = formatRequestContext(requestContext, { includeResponse: true, security });
if (ctx) {
parts.push(`HTTP Request Context:\n${ctx}`);
}
const varsStr = formatVariablesList(variables);
const varsStr = formatVariablesList(variables, { security });
if (varsStr) {
parts.push(`Available Variables (names only — call search_variables(query) for a value):\n${varsStr}`);
}
@@ -134,6 +138,7 @@ const registerChatIpc = ({ mainWindow, resolveModel, pickDefaultModelId, isAiEna
const normalizedContent = allContent || {};
const effectiveType = contentType || 'app';
const hasMultiple = Object.values(normalizedContent).filter((c) => c && c.trim()).length > 1;
const security = getSecurityPrefs();
const readState = {};
const writeResults = [];
@@ -185,7 +190,7 @@ const registerChatIpc = ({ mainWindow, resolveModel, pickDefaultModelId, isAiEna
if (!status && data == null) {
return '(No response available — the request has not been executed yet. The user needs to run the request first.)';
}
const formatted = formatResponseShape(status, data);
const formatted = formatResponseShape(status, data, { security });
return formatted || '(empty response)';
}
},
@@ -197,13 +202,13 @@ const registerChatIpc = ({ mainWindow, resolveModel, pickDefaultModelId, isAiEna
return '(No variables available — the collection has no environment, runtime, or collection variables defined.)';
}
const result = searchVariables(variables, query);
return formatSearchVariablesResult(result, query);
return formatSearchVariablesResult(result, query, { security });
}
}
};
const allMessages = [
{ role: 'user', content: buildContextMessage(effectiveType, normalizedContent, requestContext, variables) },
{ role: 'user', content: buildContextMessage(effectiveType, normalizedContent, requestContext, variables, security) },
...messages.map((m) => ({ role: m.role, content: m.content }))
];

View File

@@ -37,6 +37,45 @@ const isSensitiveName = (name) => {
const maskValue = (name, value) => (isSensitiveName(name) ? REDACTED_VALUE : value);
const normalizeList = (list) =>
Array.isArray(list)
? list.map((s) => String(s || '').trim().toLowerCase()).filter(Boolean)
: [];
const buildRedactionPolicy = (security) => {
const redactHeaders = security?.redactHeaders !== false;
const redactBody = security?.redactBody !== false;
const redactVariables = security?.redactVariables !== false;
const redactResponse = security?.redactResponse !== false;
const customHeaderSet = new Set(normalizeList(security?.customRedactedHeaders));
const customVarSet = new Set(normalizeList(security?.customRedactedVariables));
return {
redactHeaders,
redactBody,
redactVariables,
redactResponse,
isSensitiveHeader: (name) => {
if (!name) return false;
if (customHeaderSet.has(String(name).toLowerCase())) return true;
return isSensitiveName(name);
},
// Body checks reuse the header list — custom entries are matched exactly,
// so a user who adds `password` here also catches JSON keys named the same.
isSensitiveKey: (name) => {
if (!name) return false;
if (customHeaderSet.has(String(name).toLowerCase())) return true;
return isSensitiveName(name);
},
// Explicit custom entries always redact — the toggle only gates
// pattern-based matches, since the user opted into the specific names.
isCustomVariable: (name) => Boolean(name) && customVarSet.has(String(name).toLowerCase()),
matchesVariablePattern: (name) => Boolean(name) && isSensitiveName(name)
};
};
const DEFAULT_POLICY = buildRedactionPolicy(null);
// --- Response body shape redaction ---------------------------------------
const REDACTED_TRUNCATED = '<truncated>';
@@ -76,8 +115,11 @@ const redactResponseValues = (data, depth = 0, maxDepth = 6) => {
return REDACTED_BY_TYPE[typeof data] || '<unknown>';
};
const formatResponseShape = (status, data) => {
const RESPONSE_RAW_BODY_MAX_CHARS = 8000;
const formatResponseShape = (status, data, opts = {}) => {
if (!status && data == null) return '';
const policy = buildRedactionPolicy(opts.security);
const parts = [];
if (status) parts.push(`**Last Response Status:** ${status}`);
@@ -93,12 +135,27 @@ const formatResponseShape = (status, data) => {
}
if (parsedOk) {
const redacted = redactResponseValues(parsed);
if (redacted != null) {
parts.push(`**Response Shape (values redacted — ${REDACTION_NOTICE}):**\n\`\`\`json\n${JSON.stringify(redacted, null, 2)}\n\`\`\``);
if (policy.redactResponse) {
const redacted = redactResponseValues(parsed);
if (redacted != null) {
parts.push(`**Response Shape (values redacted — ${REDACTION_NOTICE}):**\n\`\`\`json\n${JSON.stringify(redacted, null, 2)}\n\`\`\``);
}
} else {
// User opted out of response-value redaction — send the real body,
// capped so a huge response doesn't blow the model's context window.
const raw = JSON.stringify(parsed, null, 2);
const truncated = raw.length > RESPONSE_RAW_BODY_MAX_CHARS;
const shown = truncated ? `${raw.slice(0, RESPONSE_RAW_BODY_MAX_CHARS)}` : raw;
parts.push(`**Response Body:**\n\`\`\`json\n${shown}\n\`\`\`${truncated ? '\n\n(truncated)' : ''}`);
}
} else if (typeof data === 'string' && data.trim()) {
parts.push(`**Response:** non-JSON, ${data.length} chars (call read_response() for the redacted view)`);
if (policy.redactResponse) {
parts.push(`**Response:** non-JSON, ${data.length} chars (call read_response() for the redacted view)`);
} else {
const truncated = data.length > RESPONSE_RAW_BODY_MAX_CHARS;
const shown = truncated ? `${data.slice(0, RESPONSE_RAW_BODY_MAX_CHARS)}` : data;
parts.push(`**Response Body:**\n\`\`\`\n${shown}\n\`\`\`${truncated ? '\n\n(truncated)' : ''}`);
}
}
}
@@ -114,18 +171,17 @@ const formatResponseShape = (status, data) => {
* type placeholders): we DO want the model to see non-sensitive request body
* values so it can write code that references them correctly.
*/
const redactJsonBodyValues = (data, depth = 0, maxDepth = 8) => {
const redactJsonBodyValues = (data, policy, depth = 0, maxDepth = 8) => {
if (data === null || data === undefined) return data;
if (depth >= maxDepth) return REDACTED_TRUNCATED;
if (Array.isArray(data)) return data.map((item) => redactJsonBodyValues(item, depth + 1, maxDepth));
if (Array.isArray(data)) return data.map((item) => redactJsonBodyValues(item, policy, depth + 1, maxDepth));
if (typeof data === 'object') {
const out = {};
for (const key of Object.keys(data)) {
const val = data[key];
if (isSensitiveName(key) && val !== null && typeof val !== 'object') {
if (policy.isSensitiveKey(key)) {
out[key] = REDACTED_VALUE;
} else {
out[key] = redactJsonBodyValues(val, depth + 1, maxDepth);
out[key] = redactJsonBodyValues(data[key], policy, depth + 1, maxDepth);
}
}
return out;
@@ -133,11 +189,12 @@ const redactJsonBodyValues = (data, depth = 0, maxDepth = 8) => {
return data;
};
const redactJsonBodyString = (raw) => {
const redactJsonBodyString = (raw, policy = DEFAULT_POLICY) => {
if (typeof raw !== 'string' || !raw.trim()) return raw || '';
if (!policy.redactBody) return raw;
try {
const parsed = JSON.parse(raw);
return JSON.stringify(redactJsonBodyValues(parsed), null, 2);
return JSON.stringify(redactJsonBodyValues(parsed, policy), null, 2);
} catch {
// Not parseable JSON — return as-is. The renderer-side patterns + variable
// redaction are the main line of defense for arbitrary text bodies.
@@ -157,15 +214,21 @@ const redactJsonBodyString = (raw) => {
* bodyMaxChars - truncate body to this many chars (default null = full)
* includeResponse - inline the redacted response shape (default false)
* includeDocs - include the request's docs field (default true)
* security - user-configured redaction toggles (see
* buildRedactionPolicy). Omit for strict defaults.
*/
const formatRequestContext = (ctx, opts = {}) => {
const {
includeBody = true,
bodyMaxChars = null,
includeResponse = false,
includeDocs = true
includeDocs = true,
security = null
} = opts;
if (!ctx) return '';
const policy = buildRedactionPolicy(security);
const maskHeader = (name, value) => (policy.redactHeaders && policy.isSensitiveHeader(name) ? REDACTED_VALUE : (value ?? ''));
const maskFormField = (name, value) => (policy.redactBody && policy.isSensitiveKey(name) ? REDACTED_VALUE : (value ?? ''));
const parts = [];
if (ctx.url || ctx.method) {
@@ -174,17 +237,17 @@ const formatRequestContext = (ctx, opts = {}) => {
const headers = (ctx.headers || []).filter((h) => h?.enabled && h?.name);
if (headers.length) {
parts.push(`**Headers:**\n${headers.map((h) => ` ${h.name}: ${maskValue(h.name, h.value ?? '')}`).join('\n')}`);
parts.push(`**Headers:**\n${headers.map((h) => ` ${h.name}: ${maskHeader(h.name, h.value)}`).join('\n')}`);
}
const params = (ctx.params || []).filter((p) => p?.enabled && p?.name);
const query = params.filter((p) => p.type === 'query' || !p.type);
const pathParams = params.filter((p) => p.type === 'path');
if (query.length) {
parts.push(`**Query Parameters:**\n${query.map((p) => ` ${p.name}: ${maskValue(p.name, p.value ?? '')}`).join('\n')}`);
parts.push(`**Query Parameters:**\n${query.map((p) => ` ${p.name}: ${maskHeader(p.name, p.value)}`).join('\n')}`);
}
if (pathParams.length) {
parts.push(`**Path Parameters:**\n${pathParams.map((p) => ` ${p.name}: ${maskValue(p.name, p.value ?? '')}`).join('\n')}`);
parts.push(`**Path Parameters:**\n${pathParams.map((p) => ` ${p.name}: ${maskHeader(p.name, p.value)}`).join('\n')}`);
}
const body = ctx.body;
@@ -194,18 +257,18 @@ const formatRequestContext = (ctx, opts = {}) => {
// JSON bodies often contain fields like `password`, `client_secret`,
// `refresh_token`. Redact by key so the model sees the structure but
// not the secret values.
case 'json': content = redactJsonBodyString(body.json || ''); break;
case 'json': content = redactJsonBodyString(body.json || '', policy); break;
case 'text': content = body.text || ''; break;
case 'xml': content = body.xml || ''; break;
case 'sparql': content = body.sparql || ''; break;
case 'formUrlEncoded': {
const items = (body.formUrlEncoded || []).filter((p) => p.enabled);
content = items.map((p) => ` ${p.name}: ${maskValue(p.name, p.value ?? '')}`).join('\n');
content = items.map((p) => ` ${p.name}: ${maskFormField(p.name, p.value)}`).join('\n');
break;
}
case 'multipartForm': {
const items = (body.multipartForm || []).filter((p) => p.enabled);
content = items.map((p) => ` ${p.name}: ${p.type === 'file' ? '[file]' : maskValue(p.name, p.value ?? '')}`).join('\n');
content = items.map((p) => ` ${p.name}: ${p.type === 'file' ? '[file]' : maskFormField(p.name, p.value)}`).join('\n');
break;
}
case 'graphql':
@@ -213,7 +276,7 @@ const formatRequestContext = (ctx, opts = {}) => {
if (body.graphql?.variables) {
// GraphQL variables are stored as a JSON string in Bruno — same
// key-based redaction applies.
content += `\n\nVariables:\n${redactJsonBodyString(body.graphql.variables)}`;
content += `\n\nVariables:\n${redactJsonBodyString(body.graphql.variables, policy)}`;
}
break;
default: content = '';
@@ -226,7 +289,7 @@ const formatRequestContext = (ctx, opts = {}) => {
}
if (includeResponse) {
const responseStr = formatResponseShape(ctx.responseStatus, ctx.responseData);
const responseStr = formatResponseShape(ctx.responseStatus, ctx.responseData, { security });
if (responseStr) parts.push(responseStr);
}
@@ -250,11 +313,21 @@ const formatRequestContext = (ctx, opts = {}) => {
* too — never trust the value field on a secret. The backend re-masks.
*/
const isSecretVariable = (v) => Boolean(v && (v.secret || isSensitiveName(v.name)));
const isSecretVariable = (v, policy = DEFAULT_POLICY) => {
if (!v) return false;
// `secret: true` is a hard promise from the renderer's variable
// pipeline - always honor it, even when the pattern-match toggle is off.
if (v.secret) return true;
// Custom-listed names redact unconditionally, the user opted in explicitly.
if (policy.isCustomVariable(v.name)) return true;
// Built-in pattern matches only apply when the toggle is on.
if (!policy.redactVariables) return false;
return policy.matchesVariablePattern(v.name);
};
const variableValueForModel = (v) => {
const variableValueForModel = (v, policy) => {
if (!v) return '';
if (isSecretVariable(v)) return REDACTED_VALUE;
if (isSecretVariable(v, policy)) return REDACTED_VALUE;
if (v.value == null) return '';
return String(v.value);
};
@@ -265,8 +338,9 @@ const VAR_NAMES_PREVIEW_PER_SCOPE = 25;
* Inline preview shown in the prompt. Names + a small per-scope sample so
* the model knows what's available without us dumping 500 env vars.
*/
const formatVariablesList = (variables) => {
const formatVariablesList = (variables, opts = {}) => {
if (!Array.isArray(variables) || !variables.length) return '';
const policy = buildRedactionPolicy(opts.security);
const byScope = new Map();
for (const v of variables) {
@@ -282,7 +356,7 @@ const formatVariablesList = (variables) => {
const preview = list.slice(0, VAR_NAMES_PREVIEW_PER_SCOPE);
const more = total > preview.length ? ` (+${total - preview.length} more — use search_variables to find them)` : '';
const names = preview
.map((v) => (isSecretVariable(v) ? `${v.name} (secret)` : v.name))
.map((v) => (isSecretVariable(v, policy) ? `${v.name} (secret)` : v.name))
.join(', ');
lines.push(`- ${scope} (${total}): ${names}${more}`);
}
@@ -307,20 +381,19 @@ const searchVariables = (variables, rawQuery, limit = SEARCH_LIMIT) => {
return { items: filtered.slice(0, limit), totalMatched: filtered.length, limit };
};
const formatVariableLine = (v) => {
const value = variableValueForModel(v);
const tags = [v.scope || 'unknown'];
if (isSecretVariable(v)) tags.push('secret');
return ` ${v.name} = ${value} [${tags.join(', ')}]`;
};
const formatSearchVariablesResult = ({ items, totalMatched, limit }, query) => {
const formatSearchVariablesResult = ({ items, totalMatched, limit }, query, opts = {}) => {
if (!items.length) {
return query
? `No variables match "${query}".`
: 'No variables defined for this collection/environment.';
}
const lines = items.map(formatVariableLine);
const policy = buildRedactionPolicy(opts.security);
const lines = items.map((v) => {
const value = variableValueForModel(v, policy);
const tags = [v.scope || 'unknown'];
if (isSecretVariable(v, policy)) tags.push('secret');
return ` ${v.name} = ${value} [${tags.join(', ')}]`;
});
const heading = query
? `Found ${items.length}${totalMatched > items.length ? ` of ${totalMatched}` : ''} variable(s) matching "${query}":`
: `Variables (${items.length}${totalMatched > items.length ? ` of ${totalMatched}` : ''}):`;
@@ -337,11 +410,13 @@ module.exports = {
REDACTION_NOTICE,
isSensitiveName,
maskValue,
buildRedactionPolicy,
// response shape
redactResponseValues,
formatResponseShape,
// request context
formatRequestContext,
redactJsonBodyString,
// variables
isSecretVariable,
formatVariablesList,

View File

@@ -108,6 +108,50 @@ describe('ipc/ai/context', () => {
expect(out).not.toContain('secret-key');
});
it('redacts the full subtree under a sensitive key (not just direct primitives)', () => {
const out = formatRequestContext({
method: 'POST',
url: '/x',
headers: [],
params: [],
body: {
mode: 'json',
json: JSON.stringify({
password: { value: 'hunter2', hint: 'first pet' },
data: { safe: 'ok' }
})
}
});
expect(out).toContain('"password": "<redacted>"');
expect(out).not.toContain('hunter2');
expect(out).not.toContain('first pet');
expect(out).toContain('"safe": "ok"');
});
it('masks formUrlEncoded values based on redactBody, not redactHeaders', () => {
const ctx = {
method: 'POST',
url: '/login',
headers: [],
params: [],
body: {
mode: 'formUrlEncoded',
formUrlEncoded: [
{ name: 'username', value: 'alice', enabled: true },
{ name: 'password', value: 'hunter2', enabled: true }
]
}
};
// Headers-only off + body on: form field values still masked.
const bodyOn = formatRequestContext(ctx, { security: { redactHeaders: false, redactBody: true } });
expect(bodyOn).toContain('password: <redacted>');
expect(bodyOn).not.toContain('hunter2');
// Body off: raw values pass through even if headers still redacted.
const bodyOff = formatRequestContext(ctx, { security: { redactHeaders: true, redactBody: false } });
expect(bodyOff).toContain('password: hunter2');
});
it('redacts sensitive keys inside JSON bodies but keeps the shape', () => {
const out = formatRequestContext({
method: 'POST',
@@ -171,6 +215,53 @@ describe('ipc/ai/context', () => {
expect(out).toContain('…');
expect(out).not.toContain('x'.repeat(60));
});
it('leaves sensitive header/body values intact when security toggles are off', () => {
const out = formatRequestContext({
method: 'POST',
url: '/x',
headers: [{ name: 'Authorization', value: 'Bearer xyz', enabled: true }],
params: [],
body: { mode: 'json', json: JSON.stringify({ password: 'hunter2' }) }
}, { security: { redactHeaders: false, redactBody: false } });
expect(out).toContain('Authorization: Bearer xyz');
expect(out).toContain('hunter2');
expect(out).not.toContain('<redacted>');
});
it('honors customRedactedHeaders for a user-added header name', () => {
const out = formatRequestContext({
method: 'GET',
url: '/x',
headers: [{ name: 'X-Trace-Id', value: 'trace-abc', enabled: true }],
params: [],
body: null
}, { security: { customRedactedHeaders: ['X-Trace-Id'] } });
expect(out).toContain('X-Trace-Id: <redacted>');
expect(out).not.toContain('trace-abc');
});
it('sends the raw response body when redactResponse is off', () => {
const base = {
method: 'GET',
url: '/x',
headers: [],
params: [],
body: null,
responseStatus: 200,
responseData: { user: { id: 42, email: 'a@b' } }
};
const redacted = formatRequestContext(base, { includeResponse: true });
expect(redacted).toContain('Response Shape');
expect(redacted).not.toContain('a@b');
const raw = formatRequestContext(base, {
includeResponse: true,
security: { redactResponse: false }
});
expect(raw).toContain('Response Body');
expect(raw).toContain('"email": "a@b"');
});
});
describe('formatVariablesList', () => {
@@ -190,6 +281,27 @@ describe('ipc/ai/context', () => {
expect(formatVariablesList([])).toBe('');
expect(formatVariablesList(null)).toBe('');
});
it('drops the (secret) tag from name-pattern matches when redactVariables is off', () => {
const out = formatVariablesList([
{ name: 'API_TOKEN', value: 'v', scope: 'env', secret: false }
], { security: { redactVariables: false } });
expect(out).not.toContain('(secret)');
});
it('always tags variables in customRedactedVariables as secret, even when redactVariables is off', () => {
const out = formatVariablesList([
{ name: 'MY_SESSION', value: 'v', scope: 'env', secret: false }
], { security: { redactVariables: false, customRedactedVariables: ['MY_SESSION'] } });
expect(out).toContain('MY_SESSION (secret)');
});
it('keeps secret: true variables tagged even with all toggles off', () => {
const out = formatVariablesList([
{ name: 'plain_name', value: '<redacted>', scope: 'env', secret: true }
], { security: { redactVariables: false } });
expect(out).toContain('plain_name (secret)');
});
});
describe('searchVariables / formatSearchVariablesResult', () => {

View File

@@ -31,6 +31,8 @@ const activeStreams = new Map();
const getAiPrefs = () => getPreferences().ai || {};
const getSecurityPrefs = () => getAiPrefs().security || null;
const isEnabled = () => Boolean(getAiPrefs().enabled);
const buildStatus = () => {
@@ -191,6 +193,7 @@ const registerAiIpc = (mainWindow) => {
return { error: err.message };
}
const security = getSecurityPrefs();
const controller = streamId ? new AbortController() : null;
if (streamId && controller) {
activeStreams.set(streamId, controller);
@@ -211,7 +214,7 @@ const registerAiIpc = (mainWindow) => {
if (!status && data == null) {
return '(No response available — the request has not been executed yet.)';
}
return formatResponseShape(status, data) || '(empty response)';
return formatResponseShape(status, data, { security }) || '(empty response)';
}
},
search_variables: {
@@ -227,7 +230,7 @@ const registerAiIpc = (mainWindow) => {
return '(No variables available — the collection has no environment, runtime, or collection variables defined.)';
}
const result = searchVariables(variables, query);
return formatSearchVariablesResult(result, query);
return formatSearchVariablesResult(result, query, { security });
}
}
};
@@ -242,7 +245,8 @@ const registerAiIpc = (mainWindow) => {
requestContext,
docsContext,
variables,
scriptType
scriptType,
security
}),
tools,
// Cap tool-call iteration — the model gets a few chances to look

View File

@@ -299,7 +299,8 @@ const buildScriptUserPrompt = ({
requestContext,
docsContext,
variables,
scriptType
scriptType,
security
}) => {
const sections = [];
const docsContextStr = formatDocsContext(docsContext);
@@ -308,10 +309,10 @@ const buildScriptUserPrompt = ({
// Same redaction rules as the chat sidebar — sensitive headers/params masked,
// response shape only (no real values). Body is sent in full so the model
// can write code that references real keys.
const contextStr = formatRequestContext(requestContext, { includeResponse: true });
const contextStr = formatRequestContext(requestContext, { includeResponse: true, security });
if (contextStr) sections.push(`HTTP Request Context\n${contextStr}`);
const varsStr = formatVariablesList(variables);
const varsStr = formatVariablesList(variables, { security });
if (varsStr) {
sections.push(`Available Variables (names only — call search_variables(query) for a value)\n${varsStr}`);
}

View File

@@ -86,6 +86,14 @@ const defaultPreferences = {
enabled: true,
model: '',
triggerMode: 'debounced'
},
security: {
redactHeaders: true,
redactBody: true,
redactVariables: true,
redactResponse: true,
customRedactedHeaders: [],
customRedactedVariables: []
}
}
};
@@ -182,6 +190,14 @@ const preferencesSchema = Yup.object().shape({
enabled: Yup.boolean(),
model: Yup.string().max(200).nullable(),
triggerMode: Yup.string().oneOf(['aggressive', 'debounced', 'manual']).nullable()
}).optional(),
security: Yup.object({
redactHeaders: Yup.boolean(),
redactBody: Yup.boolean(),
redactVariables: Yup.boolean(),
redactResponse: Yup.boolean(),
customRedactedHeaders: Yup.array().of(Yup.string().max(200)).max(200),
customRedactedVariables: Yup.array().of(Yup.string().max(200)).max(200)
}).optional()
}).optional()
});